CVE-2024-24764 - OpenCVE

October is a self-hosted CMS platform based on the Laravel PHP Framework. This issue affects authenticated administrators who may be redirected to an untrusted URL using the PageFinder schema. The resolver for the page finder link schema (`october://`) allowed external links, therefore allowing an open redirect outside the scope of the active host. This vulnerability has been patched in version 3.5.15.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Octobercms	October

Configuration 1 [-]

cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5

History

Thu, 19 Sep 2024 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Octobercms Octobercms october
CPEs		cpe:2.3:a:octobercms:october::::::::
Vendors & Products		Octobercms Octobercms october

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-26T00:02:49.362Z

Updated: 2024-08-01T23:28:12.102Z

Reserved: 2024-01-29T20:51:26.011Z

Link: CVE-2024-24764

Vulnrichment

Updated: 2024-08-01T23:28:12.102Z

NVD

Status : Analyzed

Published: 2024-06-26T01:15:47.890

Modified: 2024-09-19T16:57:46.463

Link: CVE-2024-24764

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24764", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-29T20:51:26.011Z", "datePublished": "2024-06-26T00:02:49.362Z", "dateUpdated": "2024-08-01T23:28:12.102Z"}, "containers": {"cna": {"title": "October Open Redirect for Administrator Accounts", "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "lang": "en", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5"}], "affected": [{"vendor": "octobercms", "product": "october", "versions": [{"version": ">= 3.2, < 3.5.15", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-26T00:02:49.362Z"}, "descriptions": [{"lang": "en", "value": "October is a self-hosted CMS platform based on the Laravel PHP Framework. This issue affects authenticated administrators who may be redirected to an untrusted URL using the PageFinder schema. The resolver for the page finder link schema (`october://`) allowed external links, therefore allowing an open redirect outside the scope of the active host. This vulnerability has been patched in version 3.5.15."}], "source": {"advisory": "GHSA-v2vf-jv88-3fp5", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-27T20:39:52.706655Z", "id": "CVE-2024-24764", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T14:31:21.880Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.102Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5", "name": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.102Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-24764", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-27T20:39:52.706655Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T14:31:19.387Z"}}], "cna": {"title": "October Open Redirect for Administrator Accounts", "source": {"advisory": "GHSA-v2vf-jv88-3fp5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "octobercms", "product": "october", "versions": [{"status": "affected", "version": ">= 3.2, < 3.5.15"}]}], "references": [{"url": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5", "name": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "October is a self-hosted CMS platform based on the Laravel PHP Framework. This issue affects authenticated administrators who may be redirected to an untrusted URL using the PageFinder schema. The resolver for the page finder link schema (`october://`) allowed external links, therefore allowing an open redirect outside the scope of the active host. This vulnerability has been patched in version 3.5.15."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-26T00:02:49.362Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24764", "state": "PUBLISHED", "dateUpdated": "2024-08-01T23:28:12.102Z", "dateReserved": "2024-01-29T20:51:26.011Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-26T00:02:49.362Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C52BE43-5841-46A0-B56D-F7043B9FE9BB", "versionEndExcluding": "3.5.15", "versionStartIncluding": "3.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "October is a self-hosted CMS platform based on the Laravel PHP Framework. This issue affects authenticated administrators who may be redirected to an untrusted URL using the PageFinder schema. The resolver for the page finder link schema (`october://`) allowed external links, therefore allowing an open redirect outside the scope of the active host. This vulnerability has been patched in version 3.5.15."}, {"lang": "es", "value": "October es una plataforma CMS autohospedada basada en Laravel PHP Framework. Este problema afecta a los administradores autenticados que pueden ser redirigidos a una URL que no es de confianza mediante el esquema de PageFinder. El solucionador del esquema de enlace del buscador de p\u00e1ginas (`october://`) permit\u00eda enlaces externos, por lo que permit\u00eda una redirecci\u00f3n abierta fuera del alcance del host activo. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 3.5.15."}], "id": "CVE-2024-24764", "lastModified": "2024-09-19T16:57:46.463", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-06-26T01:15:47.890", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/octobercms/october/security/advisories/GHSA-v2vf-jv88-3fp5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-601"}], "source": "security-advisories@github.com", "type": "Secondary"}]}