CVE-2024-31465 - OpenCVE

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the patch to the document `XWiki.SearchSuggestSourceSheet`.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e
https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7
https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809
https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395
https://jira.xwiki.org/browse/XWIKI-21474

History

Tue, 13 Aug 2024 14:30:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:xwiki:xwiki-platform:15.0-rc-1:::::::* cpe:2.3:a:xwiki:xwiki-platform:15.6-rc-1:::::::* cpe:2.3:a:xwiki:xwiki-platform:5.2-milestone-2:::::::*
Vendors & Products	Xwiki Xwiki xwiki-platform
Metrics	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-04-10T19:12:35.517Z

Updated: 2024-08-13T13:56:21.898Z

Reserved: 2024-04-03T17:55:32.648Z

Link: CVE-2024-31465

Vulnrichment

Updated: 2024-08-02T01:52:57.115Z

NVD

Status : Awaiting Analysis

Published: 2024-04-10T20:15:07.833

Modified: 2024-04-11T12:47:44.137

Link: CVE-2024-31465

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-31465", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-04-03T17:55:32.648Z", "datePublished": "2024-04-10T19:12:35.517Z", "dateUpdated": "2024-08-13T13:56:21.898Z"}, "containers": {"cna": {"title": "XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet", "problemTypes": [{"descriptions": [{"cweId": "CWE-95", "lang": "en", "description": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e", "tags": ["x_refsource_MISC"], "url": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7", "tags": ["x_refsource_MISC"], "url": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809", "tags": ["x_refsource_MISC"], "url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5", "tags": ["x_refsource_MISC"], "url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5"}, {"name": "https://jira.xwiki.org/browse/XWIKI-21474", "tags": ["x_refsource_MISC"], "url": "https://jira.xwiki.org/browse/XWIKI-21474"}], "affected": [{"vendor": "xwiki", "product": "xwiki-platform", "versions": [{"version": ">= 5.2-milestone-2, < 14.10.20", "status": "affected"}, {"version": ">= 15.0-rc-1, < 15.5.4", "status": "affected"}, {"version": ">= 15.6-rc-1, < 15.10-rc-1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-04-10T19:12:35.517Z"}, "descriptions": [{"lang": "en", "value": "XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the patch to the document `XWiki.SearchSuggestSourceSheet`."}], "source": {"advisory": "GHSA-34fj-r5gq-7395", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "xwiki", "product": "xwiki", "cpes": ["cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.2-milestone-2", "status": "affected", "lessThan": "14.10.20", "versionType": "custom"}, {"version": "15.0-rc-1", "status": "affected", "lessThan": "15.5.4", "versionType": "custom"}, {"version": "15.6-rc-1", "status": "affected", "lessThan": "15.10-rc-1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-16T18:36:09.920532Z", "id": "CVE-2024-31465", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-13T13:56:21.898Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:52:57.115Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809"}, {"name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5"}, {"name": "https://jira.xwiki.org/browse/XWIKI-21474", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jira.xwiki.org/browse/XWIKI-21474"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395", "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e", "name": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7", "name": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809", "name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5", "name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://jira.xwiki.org/browse/XWIKI-21474", "name": "https://jira.xwiki.org/browse/XWIKI-21474", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:52:57.115Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-31465", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-16T18:36:09.920532Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*"], "vendor": "xwiki", "product": "xwiki", "versions": [{"status": "affected", "version": "5.2-milestone-2", "lessThan": "14.10.20", "versionType": "custom"}, {"status": "affected", "version": "15.0-rc-1", "lessThan": "15.5.4", "versionType": "custom"}, {"status": "affected", "version": "15.6-rc-1", "lessThan": "15.10-rc-1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-16T18:34:52.347Z"}}], "cna": {"title": "XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet", "source": {"advisory": "GHSA-34fj-r5gq-7395", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "xwiki", "product": "xwiki-platform", "versions": [{"status": "affected", "version": ">= 5.2-milestone-2, < 14.10.20"}, {"status": "affected", "version": ">= 15.0-rc-1, < 15.5.4"}, {"status": "affected", "version": ">= 15.6-rc-1, < 15.10-rc-1"}]}], "references": [{"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395", "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e", "name": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7", "name": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809", "name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5", "name": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5", "tags": ["x_refsource_MISC"]}, {"url": "https://jira.xwiki.org/browse/XWIKI-21474", "name": "https://jira.xwiki.org/browse/XWIKI-21474", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the patch to the document `XWiki.SearchSuggestSourceSheet`."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-95", "description": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-04-10T19:12:35.517Z"}}}, "cveMetadata": {"cveId": "CVE-2024-31465", "state": "PUBLISHED", "dateUpdated": "2024-08-13T13:56:21.898Z", "dateReserved": "2024-04-03T17:55:32.648Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-04-10T19:12:35.517Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the patch to the document `XWiki.SearchSuggestSourceSheet`."}, {"lang": "es", "value": "XWiki Platform es una plataforma wiki gen\u00e9rica. A partir de la versi\u00f3n 5.0-rc-1 y antes de las versiones 14.10.20, 15.5.4 y 15.9-rc-1, cualquier usuario con derecho de edici\u00f3n en cualquier p\u00e1gina puede ejecutar cualquier c\u00f3digo en el servidor agregando un objeto de tipo `XWiki .SearchSuggestSourceClass` a su perfil de usuario o cualquier otra p\u00e1gina. Esto compromete la confidencialidad, integridad y disponibilidad de toda la instalaci\u00f3n de XWiki. Esta vulnerabilidad ha sido parcheada en XWiki 14.10.20, 15.5.4 y 15.10 RC1. Como workaround, aplique manualmente el parche al documento `XWiki.SearchSuggestSourceSheet`."}], "id": "CVE-2024-31465", "lastModified": "2024-04-11T12:47:44.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-04-10T20:15:07.833", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/xwiki/xwiki-platform/commit/0317a3aa78065e66c86fc725976b06bf7f9b446e"}, {"source": "security-advisories@github.com", "url": "https://github.com/xwiki/xwiki-platform/commit/2740974c32dbb7cc565546d0f04e2374b32b36f7"}, {"source": "security-advisories@github.com", "url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809"}, {"source": "security-advisories@github.com", "url": "https://github.com/xwiki/xwiki-platform/commit/6a7f19f6424036fce3d703413137adde950ae809#diff-67b473d2b6397d65b7726c6a13555850b11b10128321adf9e627e656e1d130a5"}, {"source": "security-advisories@github.com", "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-34fj-r5gq-7395"}, {"source": "security-advisories@github.com", "url": "https://jira.xwiki.org/browse/XWIKI-21474"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-95"}], "source": "security-advisories@github.com", "type": "Secondary"}]}