{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-31218", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-29T14:16:31.901Z", "datePublished": "2024-04-05T14:45:31.347Z", "dateUpdated": "2024-09-06T18:14:26.603Z"}, "containers": {"cna": {"title": "Missing Authentication for Critical Function in Webhood backend", "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "lang": "en", "description": "CWE-306: Missing Authentication for Critical Function", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2"}, {"name": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9", "tags": ["x_refsource_MISC"], "url": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9"}], "affected": [{"vendor": "webhood-io", "product": "webhood", "versions": [{"version": "< 0.9.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-04-05T14:45:31.347Z"}, "descriptions": [{"lang": "en", "value": "Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to send a HTTP request to the database (Pocketbase) admin API to create an admin account. The Pocketbase admin API does not check for authentication/authorization when creating an admin account when no admin accounts have been added. In its default deployment, Webhood does not create a database admin account. Therefore, unless users have manually created an admin account in the database, an admin account will not exist in the deployment and the deployment is vulnerable. Versions starting from 0.9.1 are patched. The patch creates a randomly generated admin account if admin accounts have not already been created i.e. the vulnerability is exploitable in the deployment. As a workaround, users can disable access to URL path starting with `/api/admins` entirely. With this workaround, the vulnerability is not exploitable via network."}], "source": {"advisory": "GHSA-h533-rxhm-73j2", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:46:04.885Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2"}, {"name": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9"}]}, {"affected": [{"vendor": "webhoodio", "product": "webhood", "cpes": ["cpe:2.3:a:webhoodio:webhood:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.9.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-07T17:41:26.026955Z", "id": "CVE-2024-31218", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-06T18:14:26.603Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2", "name": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9", "name": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:46:04.885Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-31218", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-07T17:41:26.026955Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:webhoodio:webhood:*:*:*:*:*:*:*:*"], "vendor": "webhoodio", "product": "webhood", "versions": [{"status": "affected", "version": "0", "lessThan": "0.9.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T13:55:50.323Z"}}], "cna": {"title": "Missing Authentication for Critical Function in Webhood backend", "source": {"advisory": "GHSA-h533-rxhm-73j2", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "webhood-io", "product": "webhood", "versions": [{"status": "affected", "version": "< 0.9.1"}]}], "references": [{"url": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2", "name": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9", "name": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to send a HTTP request to the database (Pocketbase) admin API to create an admin account. The Pocketbase admin API does not check for authentication/authorization when creating an admin account when no admin accounts have been added. In its default deployment, Webhood does not create a database admin account. Therefore, unless users have manually created an admin account in the database, an admin account will not exist in the deployment and the deployment is vulnerable. Versions starting from 0.9.1 are patched. The patch creates a randomly generated admin account if admin accounts have not already been created i.e. the vulnerability is exploitable in the deployment. As a workaround, users can disable access to URL path starting with `/api/admins` entirely. With this workaround, the vulnerability is not exploitable via network."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-04-05T14:45:31.347Z"}}}, "cveMetadata": {"cveId": "CVE-2024-31218", "state": "PUBLISHED", "dateUpdated": "2024-09-06T18:14:26.603Z", "dateReserved": "2024-03-29T14:16:31.901Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-04-05T14:45:31.347Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to send a HTTP request to the database (Pocketbase) admin API to create an admin account. The Pocketbase admin API does not check for authentication/authorization when creating an admin account when no admin accounts have been added. In its default deployment, Webhood does not create a database admin account. Therefore, unless users have manually created an admin account in the database, an admin account will not exist in the deployment and the deployment is vulnerable. Versions starting from 0.9.1 are patched. The patch creates a randomly generated admin account if admin accounts have not already been created i.e. the vulnerability is exploitable in the deployment. As a workaround, users can disable access to URL path starting with `/api/admins` entirely. With this workaround, the vulnerability is not exploitable via network."}, {"lang": "es", "value": "Webhood es un esc\u00e1ner de URL autohospedado que se utiliza para analizar sitios maliciosos y de phishing. Las im\u00e1genes del contenedor backend de Webhood en las versiones 0.9.0 y anteriores est\u00e1n sujetas a una vulnerabilidad de autenticaci\u00f3n faltante para funciones cr\u00edticas. Esta vulnerabilidad permite que un atacante no autenticado env\u00ede una solicitud HTTP a la API de administraci\u00f3n de la base de datos (Pocketbase) para crear una cuenta de administrador. La API de administraci\u00f3n de Pocketbase no verifica la autenticaci\u00f3n/autorizaci\u00f3n al crear una cuenta de administrador cuando no se han agregado cuentas de administrador. En su implementaci\u00f3n predeterminada, Webhood no crea una cuenta de administrador de base de datos. Por lo tanto, a menos que los usuarios hayan creado manualmente una cuenta de administrador en la base de datos, no existir\u00e1 una cuenta de administrador en la implementaci\u00f3n y la implementaci\u00f3n es vulnerable. Las versiones a partir de 0.9.1 est\u00e1n parcheadas. El parche crea una cuenta de administrador generada aleatoriamente si a\u00fan no se han creado cuentas de administrador, es decir, la vulnerabilidad se puede explotar en la implementaci\u00f3n. Como workaround, los usuarios pueden deshabilitar completamente el acceso a la ruta URL que comienza con `/api/admins`. Con esta workaround, la vulnerabilidad no se puede explotar a trav\u00e9s de la red."}], "id": "CVE-2024-31218", "lastModified": "2024-04-08T18:49:25.863", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-04-05T15:15:07.863", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9"}, {"source": "security-advisories@github.com", "url": "https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}