{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-45053", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-08-21T17:53:51.332Z", "datePublished": "2024-09-04T16:04:03.741Z", "dateUpdated": "2024-09-04T18:02:37.351Z"}, "containers": {"cna": {"title": "Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine", "problemTypes": [{"descriptions": [{"cweId": "CWE-1336", "lang": "en", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/ethyca/fides/security/advisories/GHSA-c34r-238x-f7qx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ethyca/fides/security/advisories/GHSA-c34r-238x-f7qx"}, {"name": "https://github.com/ethyca/fides/commit/829cbd9cb5ef9c814fbac1ed6800e8d939d359c5", "tags": ["x_refsource_MISC"], "url": "https://github.com/ethyca/fides/commit/829cbd9cb5ef9c814fbac1ed6800e8d939d359c5"}], "affected": [{"vendor": "ethyca", "product": "fides", "versions": [{"version": ">= 2.19.0, < 2.44.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-04T16:04:03.741Z"}, "descriptions": [{"lang": "en", "value": "Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds."}], "source": {"advisory": "GHSA-c34r-238x-f7qx", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "ethyca", "product": "fides", "cpes": ["cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.19.0", "status": "affected", "lessThan": "2.44.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-04T18:01:28.427738Z", "id": "CVE-2024-45053", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T18:02:37.351Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-45053", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-04T18:01:28.427738Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*"], "vendor": "ethyca", "product": "fides", "versions": [{"status": "affected", "version": "2.19.0", "lessThan": "2.44.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T18:02:32.279Z"}}], "cna": {"title": "Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine", "source": {"advisory": "GHSA-c34r-238x-f7qx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "ethyca", "product": "fides", "versions": [{"status": "affected", "version": ">= 2.19.0, < 2.44.0"}]}], "references": [{"url": "https://github.com/ethyca/fides/security/advisories/GHSA-c34r-238x-f7qx", "name": "https://github.com/ethyca/fides/security/advisories/GHSA-c34r-238x-f7qx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/ethyca/fides/commit/829cbd9cb5ef9c814fbac1ed6800e8d939d359c5", "name": "https://github.com/ethyca/fides/commit/829cbd9cb5ef9c814fbac1ed6800e8d939d359c5", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1336", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-04T16:04:03.741Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45053", "state": "PUBLISHED", "dateUpdated": "2024-09-04T18:02:37.351Z", "dateReserved": "2024-08-21T17:53:51.332Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-09-04T16:04:03.741Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*", "matchCriteriaId": "58150E65-FD62-47CA-ACD7-2F8876F131EF", "versionEndExcluding": "2.44.0", "versionStartIncluding": "2.19.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds."}, {"lang": "es", "value": "Fides es una plataforma de ingenier\u00eda de privacidad de c\u00f3digo abierto. A partir de la versi\u00f3n 2.19.0 y antes de la versi\u00f3n 2.44.0, la funci\u00f3n de creaci\u00f3n de plantillas de correo electr\u00f3nico utiliza Jinja2 sin la desinfecci\u00f3n de entrada adecuada ni restricciones del entorno de renderizado, lo que permite la inyecci\u00f3n de plantillas del lado del servidor que otorga la ejecuci\u00f3n remota de c\u00f3digo a usuarios privilegiados. Un usuario privilegiado se refiere a un usuario de la interfaz de usuario de administraci\u00f3n con el rol predeterminado de \"Propietario\" o \"Colaborador\", que puede escalar su acceso y ejecutar c\u00f3digo en el contenedor del servidor web de Fides subyacente donde se ejecuta la funci\u00f3n de renderizado de plantillas de Jinja. La vulnerabilidad se ha corregido en la versi\u00f3n \"2.44.0\" de Fides. Se recomienda a los usuarios que actualicen a esta versi\u00f3n o una posterior para proteger sus sistemas contra esta amenaza. No hay workarounds."}], "id": "CVE-2024-45053", "lastModified": "2024-09-06T18:20:35.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-09-04T16:15:07.910", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/ethyca/fides/commit/829cbd9cb5ef9c814fbac1ed6800e8d939d359c5"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/ethyca/fides/security/advisories/GHSA-c34r-238x-f7qx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1336"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}