CVE-2023-36496 - OpenCVE

Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pingidentity	Pingdirectory

Configuration 1 [-]

OR	cpe:2.3:a:pingidentity:pingdirectory::::::::
	cpe:2.3:a:pingidentity:pingdirectory::::::::
	cpe:2.3:a:pingidentity:pingdirectory::::::::
	cpe:2.3:a:pingidentity:pingdirectory:9.2.0.0:::::::*
	cpe:2.3:a:pingidentity:pingdirectory:9.2.0.1:::::::*
	cpe:2.3:a:pingidentity:pingdirectory:9.3.0.0:::::::*
	cpe:2.3:a:pingidentity:pingdirectory:9.3.0.1:::::::*

No data.

References

Link	Providers
https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284
https://support.pingidentity.com/s/article/SECADV039
https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: Ping Identity

Published: 2024-02-01T23:00:03.660Z

Updated: 2024-08-02T16:45:57.106Z

Reserved: 2023-07-25T20:13:14.880Z

Link: CVE-2023-36496

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2024-02-01T23:15:09.107

Modified: 2024-02-09T19:47:24.757

Link: CVE-2023-36496

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-36496", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "state": "PUBLISHED", "assignerShortName": "Ping Identity", "dateReserved": "2023-07-25T20:13:14.880Z", "datePublished": "2024-02-01T23:00:03.660Z", "dateUpdated": "2024-08-02T16:45:57.106Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PingDirectory", "vendor": "Ping Identity", "versions": [{"lessThanOrEqual": "8.3.0.8", "status": "affected", "version": "8.3", "versionType": "8.3.0.9"}, {"lessThanOrEqual": "9.0.0.5", "status": "affected", "version": "9.0", "versionType": "9.0.0.6"}, {"lessThanOrEqual": "9.1.0.2", "status": "affected", "version": "9.1", "versionType": "9.1.0.3"}, {"lessThanOrEqual": "9.2.0.1", "status": "affected", "version": "9.2", "versionType": "9.2.0.2"}, {"lessThan": "9.3.0.1", "status": "affected", "version": "9.3", "versionType": "9.3.0.1"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Enable Delegated Admin virtual attribute provider"}], "value": "Enable Delegated Admin virtual attribute provider"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.</span><br>"}], "value": "Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.\n"}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122 Privilege Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2024-02-01T23:00:03.660Z"}, "references": [{"url": "https://support.pingidentity.com/s/article/SECADV039"}, {"url": "https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html"}, {"url": "https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284"}], "source": {"advisory": "SECADV039", "defect": ["DS-47632"], "discovery": "INTERNAL"}, "title": "Delegated Admin Virtual Attribute Provider Privilege Escalation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:45:57.106Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.pingidentity.com/s/article/SECADV039", "tags": ["x_transferred"]}, {"url": "https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html", "tags": ["x_transferred"]}, {"url": "https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pingidentity:pingdirectory:*:*:*:*:*:*:*:*", "matchCriteriaId": "2962B5D8-A12A-4D50-99AE-6355AB08F5DC", "versionEndIncluding": "8.3.0.8", "versionStartIncluding": "8.3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingdirectory:*:*:*:*:*:*:*:*", "matchCriteriaId": "70836EEB-D037-4560-962B-630C9CCD1262", "versionEndIncluding": "9.0.0.5", "versionStartIncluding": "9.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingdirectory:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBC21BB8-89C1-4DEA-A6D4-F44B99CEEB66", "versionEndIncluding": "9.1.0.2", "versionStartIncluding": "9.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingdirectory:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "402022A7-8257-4453-A488-3B87767FFC2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingdirectory:9.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20441BBB-9D6F-4AB5-A007-087AEAE5B7C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingdirectory:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "66F04A80-B97A-4C03-B75B-F44CEAB7BE15", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingdirectory:9.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DE606D4B-6F7A-4334-BB4E-8D161E3E9C35", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.\n"}, {"lang": "es", "value": "El complemento del proveedor de atributos virtuales Delegated Admin Privilege, cuando est\u00e1 habilitado, permite a un usuario autenticado elevar sus permisos en Directory Server."}], "id": "CVE-2023-36496", "lastModified": "2024-02-09T19:47:24.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.3, "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}, "published": "2024-02-01T23:15:09.107", "references": [{"source": "responsible-disclosure@pingidentity.com", "tags": ["Release Notes"], "url": "https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284"}, {"source": "responsible-disclosure@pingidentity.com", "tags": ["Permissions Required"], "url": "https://support.pingidentity.com/s/article/SECADV039"}, {"source": "responsible-disclosure@pingidentity.com", "tags": ["Product"], "url": "https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html"}], "sourceIdentifier": "responsible-disclosure@pingidentity.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}