OpenCVE

Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for locking classes within Omnis libraries: it should be no longer possible to delete, view, change, copy, rename, duplicate, or print a locked class. Due to implementation issues, locked classes in Omnis libraries can be unlocked, and thus further analyzed and modified by Omnis Studio. This allows for further analyzing and also deleting, viewing, changing, copying, renaming, duplicating, or printing previously locked Omnis classes. This violates the expected behavior of an "irreversible operation."

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact partial

Vendors	Products
Omnis	Studio

Configuration 1 [-]

cpe:2.3:a:omnis:studio:10.22.00:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html
http://seclists.org/fulldisclosure/2023/Jul/42
http://seclists.org/fulldisclosure/2023/Jul/43
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt

History

Thu, 24 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-276
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-07-20T00:00:00

Updated: 2024-10-24T20:33:37.525Z

Reserved: 2023-07-14T00:00:00

Link: CVE-2023-38334

Vulnrichment

Updated: 2024-08-02T17:39:12.696Z

NVD

Status : Modified

Published: 2023-07-20T18:15:12.170

Modified: 2024-11-21T08:13:21.303

Link: CVE-2023-38334

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-38334", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-24T20:33:37.525Z", "dateReserved": "2023-07-14T00:00:00", "datePublished": "2023-07-20T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-07-26T00:00:00"}, "descriptions": [{"lang": "en", "value": "Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for locking classes within Omnis libraries: it should be no longer possible to delete, view, change, copy, rename, duplicate, or print a locked class. Due to implementation issues, locked classes in Omnis libraries can be unlocked, and thus further analyzed and modified by Omnis Studio. This allows for further analyzing and also deleting, viewing, changing, copying, renaming, duplicating, or printing previously locked Omnis classes. This violates the expected behavior of an \"irreversible operation.\""}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt"}, {"name": "20230721 [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334)", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Jul/42"}, {"url": "http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html"}, {"name": "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2023/Jul/43"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:12.696Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt", "tags": ["x_transferred"]}, {"name": "20230721 [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334)", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Jul/42"}, {"url": "http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html", "tags": ["x_transferred"]}, {"name": "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2023/Jul/43"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-276", "lang": "en", "description": "CWE-276 Incorrect Default Permissions"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-24T20:32:04.757110Z", "id": "CVE-2023-38334", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T20:33:37.525Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/42", "name": "20230721 [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334)", "tags": ["mailing-list", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/43", "name": "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", "tags": ["mailing-list", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:12.696Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38334", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-24T20:32:04.757110Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T20:33:32.643Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt"}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/42", "name": "20230721 [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334)", "tags": ["mailing-list"]}, {"url": "http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html"}, {"url": "http://seclists.org/fulldisclosure/2023/Jul/43", "name": "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", "tags": ["mailing-list"]}], "descriptions": [{"lang": "en", "value": "Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for locking classes within Omnis libraries: it should be no longer possible to delete, view, change, copy, rename, duplicate, or print a locked class. Due to implementation issues, locked classes in Omnis libraries can be unlocked, and thus further analyzed and modified by Omnis Studio. This allows for further analyzing and also deleting, viewing, changing, copying, renaming, duplicating, or printing previously locked Omnis classes. This violates the expected behavior of an \"irreversible operation.\""}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-07-26T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2023-38334", "state": "PUBLISHED", "dateUpdated": "2024-10-24T20:33:37.525Z", "dateReserved": "2023-07-14T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-07-20T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:omnis:studio:10.22.00:*:*:*:*:*:*:*", "matchCriteriaId": "3F011FFF-439D-435F-BFAC-DDC84CAFFA20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for locking classes within Omnis libraries: it should be no longer possible to delete, view, change, copy, rename, duplicate, or print a locked class. Due to implementation issues, locked classes in Omnis libraries can be unlocked, and thus further analyzed and modified by Omnis Studio. This allows for further analyzing and also deleting, viewing, changing, copying, renaming, duplicating, or printing previously locked Omnis classes. This violates the expected behavior of an \"irreversible operation.\""}], "id": "CVE-2023-38334", "lastModified": "2024-11-21T08:13:21.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-20T18:15:12.170", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/42"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://seclists.org/fulldisclosure/2023/Jul/43"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/173696/Omnis-Studio-10.22.00-Library-Unlock.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Jul/42"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://seclists.org/fulldisclosure/2023/Jul/43"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-006.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-276"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}