CVE-2024-4328 - OpenCVE

A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such as deleting important files on the system. The issue is present in the application's handling of requests, making it susceptible to CSRF attacks that could lead to unauthorized actions being performed on behalf of the user.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Parisneo	Lollms Web Ui

Configuration 1 [-]

cpe:2.3:a:parisneo:lollms_web_ui:9.6:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8

History

No history.

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-06-10T07:27:09.072Z

Updated: 2024-08-01T20:40:47.115Z

Reserved: 2024-04-29T20:00:20.042Z

Link: CVE-2024-4328

Vulnrichment

Updated: 2024-08-01T20:40:47.115Z

NVD

Status : Analyzed

Published: 2024-06-10T08:15:51.730

Modified: 2024-06-12T19:33:00.527

Link: CVE-2024-4328

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4328", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-04-29T20:00:20.042Z", "datePublished": "2024-06-10T07:27:09.072Z", "dateUpdated": "2024-08-01T20:40:47.115Z"}, "containers": {"cna": {"title": "CSRF in clear_personality_files_list in parisneo/lollms-webui", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-06-10T07:27:09.072Z"}, "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such as deleting important files on the system. The issue is present in the application's handling of requests, making it susceptible to CSRF attacks that could lead to unauthorized actions being performed on behalf of the user."}], "affected": [{"vendor": "parisneo", "product": "parisneo/lollms-webui", "versions": [{"version": "unspecified", "status": "affected", "versionType": "custom", "lessThanOrEqual": "latest"}]}], "references": [{"url": "https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 4, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352"}]}], "source": {"advisory": "0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "parisneo", "product": "lollms-webui", "cpes": ["cpe:2.3:a:parisneo:lollms-webui:9.6:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "9.6", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-10T12:17:31.087611Z", "id": "CVE-2024-4328", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T12:18:56.901Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:47.115Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:47.115Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4328", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-10T12:17:31.087611Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:parisneo:lollms-webui:9.6:*:*:*:*:*:*:*"], "vendor": "parisneo", "product": "lollms-webui", "versions": [{"status": "affected", "version": "9.6"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T12:18:51.331Z"}}], "cna": {"title": "CSRF in clear_personality_files_list in parisneo/lollms-webui", "source": {"advisory": "0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "parisneo", "product": "parisneo/lollms-webui", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "latest"}]}], "references": [{"url": "https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8"}], "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such as deleting important files on the system. The issue is present in the application's handling of requests, making it susceptible to CSRF attacks that could lead to unauthorized actions being performed on behalf of the user."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-06-10T07:27:09.072Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4328", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:40:47.115Z", "dateReserved": "2024-04-29T20:00:20.042Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-06-10T07:27:09.072Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:parisneo:lollms_web_ui:9.6:*:*:*:*:*:*:*", "matchCriteriaId": "525C477F-F133-44B9-A0BC-43C1080D35F1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such as deleting important files on the system. The issue is present in the application's handling of requests, making it susceptible to CSRF attacks that could lead to unauthorized actions being performed on behalf of the user."}, {"lang": "es", "value": "Existe una vulnerabilidad de Cross-Site Request Forgery (CSRF) en la funci\u00f3n clear_personality_files_list de parisneo/lollms-webui v9.6. La vulnerabilidad surge del uso de una solicitud GET para borrar la lista de archivos de personalidad, que carece de la protecci\u00f3n CSRF adecuada. Esta falla permite a los atacantes enga\u00f1ar a los usuarios para que realicen acciones sin su consentimiento, como eliminar archivos importantes del sistema. El problema est\u00e1 presente en el manejo de solicitudes por parte de la aplicaci\u00f3n, lo que la hace susceptible a ataques CSRF que podr\u00edan llevar a la realizaci\u00f3n de acciones no autorizadas en nombre del usuario."}], "id": "CVE-2024-4328", "lastModified": "2024-06-12T19:33:00.527", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-10T08:15:51.730", "references": [{"source": "security@huntr.dev", "tags": ["Exploit"], "url": "https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@huntr.dev", "type": "Primary"}]}