CVE-2023-39964

{"id": "CVE-2023-39964", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-08-10T18:15:11.043", "references": [{"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0", "tags": ["Product", "Release Notes"], "source": "[email protected]"}, {"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-pv7q-v9mv-9mh5", "tags": ["Exploit", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v1.5.0", "tags": ["Product", "Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-pv7q-v9mv-9mh5", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the `api/v1/file.go` file, there is a function called `LoadFromFile`, which directly reads the file by obtaining the requested path `parameter[path]`. The request parameters are not filtered, resulting in a background arbitrary file reading vulnerability. Version 1.5.0 has a patch for this issue."}, {"lang": "es", "value": "1Panel es un panel de gesti\u00f3n de operaci\u00f3n y mantenimiento de servidores Linux de c\u00f3digo abierto. En la versi\u00f3n 1.4.3 las lecturas de archivos arbitrarios permiten a un atacante leer archivos de configuraci\u00f3n importantes y arbitrarios en el servidor. En el archivo `api/v1/file.go`, hay una funci\u00f3n llamada `LoadFromFile`, que lee directamente el archivo obteniendo la ruta solicitada `par\u00e1metro [ruta]`. Los par\u00e1metros de solicitud no se filtran, lo que genera una vulnerabilidad de lectura de archivos arbitrarios en segundo plano. La versi\u00f3n 1.5.0 tiene un parche para este problema."}], "lastModified": "2024-11-21T08:16:08.060", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fit2cloud:1panel:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FB1DBC8-57BC-4F73-AB3E-E87FABCFDBCF"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}