CVE-2022-2653

With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418	Patch Third Party Advisory
https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70	Exploit Issue Tracking Patch Third Party Advisory
https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418	Patch Third Party Advisory
https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70	Exploit Issue Tracking Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:01

Type	Values Removed	Values Added
References	~~() https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418 - Patch, Third Party Advisory~~	() https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418 - Patch, Third Party Advisory
References	~~() https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70 - Exploit, Issue Tracking, Patch, Third Party Advisory~~	() https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70 - Exploit, Issue Tracking, Patch, Third Party Advisory

Information

Published : 2022-08-04 10:15

Updated : 2024-11-21 07:01

NVD link : CVE-2022-2653

Mitre link : CVE-2022-2653

CVE.ORG link : CVE-2022-2653

JSON object : View

Products Affected

planka

planka

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2022-2653", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-08-04T10:15:08.060", "references": [{"url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418", "tags": ["Patch", "Third Party Advisory"], "source": "security@huntr.dev"}, {"url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "security@huntr.dev"}, {"url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."}, {"lang": "es", "value": "Con esta vulnerabilidad un atacante puede leer muchos archivos confidenciales como los archivos de configuraci\u00f3n, o el archivo /proc/self/environ, que contiene la variable de entorno usada por el servidor web que incluye las credenciales de la base de datos. Si el usuario del servidor web es root, un atacante podr\u00e1 leer cualquier archivo del sistema"}], "lastModified": "2024-11-21T07:01:26.927", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F2CB549-0F44-4B52-8130-E1A385F24A4A", "versionEndExcluding": "1.5.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}