CVE-2024-25108

{"id": "CVE-2024-25108", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.3, "exploitabilityScore": 3.9}]}, "published": "2024-02-12T20:15:08.590", "references": [{"url": "https://github.com/pixelfed/pixelfed/commit/7e47d6dccb0393a2e95c42813c562c854882b037", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pixelfed/pixelfed/security/advisories/GHSA-gccq-h3xj-jgvf", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-280"}, {"lang": "en", "value": "CWE-285"}, {"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This vulnerability affects every version of Pixelfed between v0.10.4 and v0.11.9, inclusive. A proof of concept of this vulnerability exists. This vulnerability affects every local user of a Pixelfed server, and can potentially affect the servers' ability to federate. Some user interaction is required to setup the conditions to be able to exercise the vulnerability, but the attacker could conduct this attack time-delayed manner, where user interaction is not actively required. This vulnerability has been addressed in version 0.11.11. Users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Pixelfed es una plataforma para compartir fotograf\u00edas de c\u00f3digo abierto. Al procesar las solicitudes, la autorizaci\u00f3n se verific\u00f3 de manera inadecuada e insuficiente, lo que permiti\u00f3 a los atacantes acceder a muchas m\u00e1s funciones de las que los usuarios pretend\u00edan, incluidas las funciones administrativas y de moderador del servidor Pixelfed. Esta vulnerabilidad afecta a todas las versiones de Pixelfed entre la v0.10.4 y la v0.11.9, inclusive. Existe una prueba de concepto de esta vulnerabilidad. Esta vulnerabilidad afecta a todos los usuarios locales de un servidor Pixelfed y puede afectar potencialmente la capacidad de los servidores para federarse. Se requiere cierta interacci\u00f3n del usuario para configurar las condiciones para poder ejercer la vulnerabilidad, pero el atacante podr\u00eda realizar este ataque de manera retardada, donde no se requiere activamente la interacci\u00f3n del usuario. Esta vulnerabilidad se ha solucionado en la versi\u00f3n 0.11.11. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}], "lastModified": "2024-10-11T19:31:20.060", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pixelfed:pixelfed:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDC53226-FCCF-443B-8300-3450616781B2", "versionEndExcluding": "0.11.11", "versionStartIncluding": "0.10.4"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}