OpenCVE

Pimcore is an Open Source Data & Experience Management Platform. Any call with the query argument `?pimcore_preview=true` allows to view unpublished sites. In previous versions of Pimcore, session information would propagate to previews, so only a logged in user could open a preview. This no longer applies. Previews are broad open to any user and with just the hint of a restricted link one could gain access to possible confident / unreleased information. This vulnerability is fixed in 11.2.2 and 11.1.6.1.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53
https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-26T15:10:41.792Z

Updated: 2024-08-05T14:31:39.567Z

Reserved: 2024-03-18T17:07:00.095Z

Link: CVE-2024-29197

Vulnrichment

Updated: 2024-08-02T01:10:54.523Z

NVD

Status : Awaiting Analysis

Published: 2024-03-26T15:15:49.390

Modified: 2024-11-21T09:07:46.843

Link: CVE-2024-29197

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-29197", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-18T17:07:00.095Z", "datePublished": "2024-03-26T15:10:41.792Z", "dateUpdated": "2024-08-05T14:31:39.567Z"}, "containers": {"cna": {"title": "Pimcore Preview Documents are not restricted to logged in users anymore", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445"}, {"name": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53", "tags": ["x_refsource_MISC"], "url": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53"}], "affected": [{"vendor": "pimcore", "product": "pimcore", "versions": [{"version": ">= 11.0.0, < 11.1.6.1", "status": "affected"}, {"version": ">= 11.2.0, < 11.2.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-26T15:10:41.792Z"}, "descriptions": [{"lang": "en", "value": "Pimcore is an Open Source Data & Experience Management Platform. Any call with the query argument `?pimcore_preview=true` allows to view unpublished sites. In previous versions of Pimcore, session information would propagate to previews, so only a logged in user could open a preview. This no longer applies. Previews are broad open to any user and with just the hint of a restricted link one could gain access to possible confident / unreleased information. This vulnerability is fixed in 11.2.2 and 11.1.6.1.\n"}], "source": {"advisory": "GHSA-5737-rqv4-v445", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:10:54.523Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445"}, {"name": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53"}]}, {"affected": [{"vendor": "pimcore", "product": "pimcore", "cpes": ["cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "11.0.0", "status": "affected", "lessThan": "11.1.6.1", "versionType": "custom"}, {"version": "11.2.0", "status": "affected", "lessThan": "11.2.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-02T19:34:00.831827Z", "id": "CVE-2024-29197", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T14:31:39.567Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445", "name": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53", "name": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:10:54.523Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-29197", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-02T19:34:00.831827Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*"], "vendor": "pimcore", "product": "pimcore", "versions": [{"status": "affected", "version": "11.0.0", "lessThan": "11.1.6.1", "versionType": "custom"}, {"status": "affected", "version": "11.2.0", "lessThan": "11.2.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T14:31:27.136Z"}}], "cna": {"title": "Pimcore Preview Documents are not restricted to logged in users anymore", "source": {"advisory": "GHSA-5737-rqv4-v445", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "pimcore", "product": "pimcore", "versions": [{"status": "affected", "version": ">= 11.0.0, < 11.1.6.1"}, {"status": "affected", "version": ">= 11.2.0, < 11.2.2"}]}], "references": [{"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445", "name": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53", "name": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Pimcore is an Open Source Data & Experience Management Platform. Any call with the query argument `?pimcore_preview=true` allows to view unpublished sites. In previous versions of Pimcore, session information would propagate to previews, so only a logged in user could open a preview. This no longer applies. Previews are broad open to any user and with just the hint of a restricted link one could gain access to possible confident / unreleased information. This vulnerability is fixed in 11.2.2 and 11.1.6.1.\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-26T15:10:41.792Z"}}}, "cveMetadata": {"cveId": "CVE-2024-29197", "state": "PUBLISHED", "dateUpdated": "2024-08-05T14:31:39.567Z", "dateReserved": "2024-03-18T17:07:00.095Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-03-26T15:10:41.792Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Pimcore is an Open Source Data & Experience Management Platform. Any call with the query argument `?pimcore_preview=true` allows to view unpublished sites. In previous versions of Pimcore, session information would propagate to previews, so only a logged in user could open a preview. This no longer applies. Previews are broad open to any user and with just the hint of a restricted link one could gain access to possible confident / unreleased information. This vulnerability is fixed in 11.2.2 and 11.1.6.1.\n"}, {"lang": "es", "value": "Pimcore es una plataforma de gesti\u00f3n de experiencias y datos de c\u00f3digo abierto. Cualquier llamada con el argumento de consulta `?pimcore_preview=true` permite ver sitios no publicados. En versiones anteriores de Pimcore, la informaci\u00f3n de la sesi\u00f3n se propagaba a las vistas previas, por lo que solo un usuario que hab\u00eda iniciado sesi\u00f3n pod\u00eda abrir una vista previa. Esto ya no se aplica. Las vistas previas est\u00e1n abiertas a cualquier usuario y con s\u00f3lo un indicio de un enlace restringido se puede obtener acceso a posible informaci\u00f3n confidencial o in\u00e9dita. Esta vulnerabilidad se solucion\u00f3 en 11.2.2 y 11.1.6.1."}], "id": "CVE-2024-29197", "lastModified": "2024-11-21T09:07:46.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-03-26T15:15:49.390", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53"}, {"source": "security-advisories@github.com", "url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/pimcore/pimcore/commit/3ae43fb1065f9eb62ad2f542b883858d36d57e53"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-5737-rqv4-v445"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}]}