CVE-2024-22723 - Vulnerability Details - OpenCVE

Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "media_folder" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00215.

Key SSVC decision points have not yet been added.

Vendors	Products
Webtrees	Webtrees

Configuration 1 [-]

cpe:2.3:a:webtrees:webtrees:2.1.18:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68

History

Tue, 21 Jan 2025 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Webtrees Webtrees webtrees
Weaknesses		CWE-22
CPEs		cpe:2.3:a:webtrees:webtrees:2.1.18:::::::*
Vendors & Products		Webtrees Webtrees webtrees

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-02-28T00:00:00

Updated: 2024-08-01T22:51:11.012Z

Reserved: 2024-01-11T00:00:00

Link: CVE-2024-22723

Vulnrichment

Updated: 2024-08-01T22:51:11.012Z

NVD

Status : Analyzed

Published: 2024-02-28T06:15:49.827

Modified: 2025-01-21T18:31:46.820

Link: CVE-2024-22723

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-22723", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-01T22:51:11.012Z", "dateReserved": "2024-01-11T00:00:00", "datePublished": "2024-02-28T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-28T06:03:46.013111"}, "descriptions": [{"lang": "en", "value": "Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the \"media_folder\" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-31", "lang": "en", "description": "CWE-31 Path Traversal: 'dir\\..\\..\\filename'"}]}], "affected": [{"vendor": "webtrees", "product": "webtrees", "cpes": ["cpe:2.3:a:webtrees:webtrees:2.1.18:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.1.18", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-26T18:07:10.495124Z", "id": "CVE-2024-22723", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T18:08:20.174Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:51:11.012Z"}, "title": "CVE Program Container", "references": [{"url": "https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:51:11.012Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-22723", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-26T18:07:10.495124Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:webtrees:webtrees:2.1.18:*:*:*:*:*:*:*"], "vendor": "webtrees", "product": "webtrees", "versions": [{"status": "affected", "version": "2.1.18"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-31", "description": "CWE-31 Path Traversal: 'dir\\..\\..\\filename'"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T18:08:16.780Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68"}], "descriptions": [{"lang": "en", "value": "Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the \"media_folder\" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-28T06:03:46.013111"}}}, "cveMetadata": {"cveId": "CVE-2024-22723", "state": "PUBLISHED", "dateUpdated": "2024-08-01T22:51:11.012Z", "dateReserved": "2024-01-11T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-02-28T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webtrees:webtrees:2.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "18CB7C73-1A25-4446-823F-0B7889854829", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the \"media_folder\" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system."}, {"lang": "es", "value": "Webtrees 2.1.18 es vulnerable a Directory Traversal. Al manipular el par\u00e1metro \"media_folder\" en la URL, un atacante (en este caso, un administrador) puede navegar m\u00e1s all\u00e1 del directorio deseado (el directorio 'media/') para acceder a archivos confidenciales en otras partes del sistema de archivos de la aplicaci\u00f3n."}], "id": "CVE-2024-22723", "lastModified": "2025-01-21T18:31:46.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-28T06:15:49.827", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://cupc4k3.medium.com/cve-2024-22723-webtrees-vulnerability-uncovering-sensitive-data-through-path-traversal-7442e7a38b68"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-31"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}