CVE-2023-39965

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface. This code has unauthorized access. Attackers can freely download the file content on the target system. This may cause a large amount of information leakage. Version 1.5.0 has a patch for this issue.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0	Product Release Notes
https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-85cf-gj29-f555	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:fit2cloud:1panel:1.4.3:*:*:*:*:*:*:*

History

08 Sep 2023, 16:56

Type	Values Removed	Values Added
First Time		Fit2cloud 1panel Fit2cloud
CPE	cpe:2.3:a:1panel:1panel:1.4.3:::::::*	cpe:2.3:a:fit2cloud:1panel:1.4.3:::::::*

16 Aug 2023, 18:52

Type	Values Removed	Values Added
CPE		cpe:2.3:a:1panel:1panel:1.4.3:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.3
References	~~(MISC) https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-85cf-gj29-f555 -~~	(MISC) https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-85cf-gj29-f555 - Exploit, Vendor Advisory
References	~~(MISC) https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0 -~~	(MISC) https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0 - Product, Release Notes
First Time		1panel 1panel 1panel

10 Aug 2023, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-10 18:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-39965

Mitre link : CVE-2023-39965

CVE.ORG link : CVE-2023-39965

JSON object : View

Products Affected

fit2cloud

1panel

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2023-39965", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.3}]}, "published": "2023-08-10T18:15:11.213", "references": [{"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0", "tags": ["Product", "Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-85cf-gj29-f555", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface. This code has unauthorized access. Attackers can freely download the file content on the target system. This may cause a large amount of information leakage. Version 1.5.0 has a patch for this issue.\n"}, {"lang": "es", "value": "1Panel es un panel de gesti\u00f3n de operaciones y mantenimiento de servidores Linux de c\u00f3digo abierto. En la versi\u00f3n 1.4.3, los atacantes autenticados pueden descargar archivos arbitrarios a trav\u00e9s de la interfaz API. Este c\u00f3digo tiene acceso no autorizado. Los atacantes pueden descargar libremente el contenido del archivo en el sistema de destino. Esto puede causar una gran fuga de informaci\u00f3n. La versi\u00f3n 1.5.0 tiene un parche para este problema."}], "lastModified": "2023-09-08T16:56:15.427", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fit2cloud:1panel:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FB1DBC8-57BC-4F73-AB3E-E87FABCFDBCF"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}