{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24765", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-29T20:51:26.011Z", "datePublished": "2024-03-06T17:31:56.841Z", "dateUpdated": "2024-08-06T14:01:47.283Z"}, "containers": {"cna": {"title": "CasaOS-UserService allows unauthorized access to any file", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c"}, {"name": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e", "tags": ["x_refsource_MISC"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e"}, {"name": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7", "tags": ["x_refsource_MISC"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7"}], "affected": [{"vendor": "IceWhaleTech", "product": "CasaOS-UserService", "versions": [{"version": "< 0.4.7", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-06T17:31:56.841Z"}, "descriptions": [{"lang": "en", "value": "CasaOS-UserService provides user management functionalities to CasaOS. Prior to version 0.4.7, path filtering of the URL for user avatar image files was not strict, making it possible to get any file on the system. This could allow an unauthorized actor to access, for example, the CasaOS user database, and possibly obtain system root privileges. Version 0.4.7 fixes this issue."}], "source": {"advisory": "GHSA-h5gf-cmm8-cg7c", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.928Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c"}, {"name": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e"}, {"name": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7"}]}, {"affected": [{"vendor": "icewhaletech", "product": "casaos-userservice", "cpes": ["cpe:2.3:a:icewhaletech:casaos-userservice:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.4.7", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-07T16:23:20.798254Z", "id": "CVE-2024-24765", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T14:01:47.283Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c", "name": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e", "name": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7", "name": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:28:12.928Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-24765", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-07T16:23:20.798254Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:icewhaletech:casaos-userservice:*:*:*:*:*:*:*:*"], "vendor": "icewhaletech", "product": "casaos-userservice", "versions": [{"status": "affected", "version": "0", "lessThan": "0.4.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T14:01:40.780Z"}}], "cna": {"title": "CasaOS-UserService allows unauthorized access to any file", "source": {"advisory": "GHSA-h5gf-cmm8-cg7c", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "IceWhaleTech", "product": "CasaOS-UserService", "versions": [{"status": "affected", "version": "< 0.4.7"}]}], "references": [{"url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c", "name": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e", "name": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7", "name": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "CasaOS-UserService provides user management functionalities to CasaOS. Prior to version 0.4.7, path filtering of the URL for user avatar image files was not strict, making it possible to get any file on the system. This could allow an unauthorized actor to access, for example, the CasaOS user database, and possibly obtain system root privileges. Version 0.4.7 fixes this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-06T17:31:56.841Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24765", "state": "PUBLISHED", "dateUpdated": "2024-08-06T14:01:47.283Z", "dateReserved": "2024-01-29T20:51:26.011Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-03-06T17:31:56.841Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:icewhale:casaos:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF55D9C0-43A2-4CDB-9DC7-36E100CC1814", "versionEndExcluding": "0.4.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CasaOS-UserService provides user management functionalities to CasaOS. Prior to version 0.4.7, path filtering of the URL for user avatar image files was not strict, making it possible to get any file on the system. This could allow an unauthorized actor to access, for example, the CasaOS user database, and possibly obtain system root privileges. Version 0.4.7 fixes this issue."}, {"lang": "es", "value": "CasaOS-UserService proporciona funcionalidades de gesti\u00f3n de usuarios a CasaOS. Antes de la versi\u00f3n 0.4.7, el filtrado de rutas de la URL para los archivos de im\u00e1genes de avatar de usuario no era estricto, lo que hac\u00eda posible obtener cualquier archivo en el sistema. Esto podr\u00eda permitir que un actor no autorizado acceda, por ejemplo, a la base de datos de usuarios de CasaOS y posiblemente obtenga privilegios de ra\u00edz del sistema. La versi\u00f3n 0.4.7 soluciona este problema."}], "id": "CVE-2024-24765", "lastModified": "2025-02-26T15:14:55.753", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-06T18:15:46.807", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-h5gf-cmm8-cg7c"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}