CVE-2021-39174 Vulnerability Details

  /     /     /  

CVE-2021-39174 Metadata Quick Info

CVE Published: 27/08/2021 | CVE Updated: 04/08/2024 | CVE Year: 2021
Source: GitHub_M | Vendor: fiveai | Product: Cachet
Status : PUBLISHED

CVE-2021-39174 Description

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.

Metrics

CVSS Version: 3.1 | Base Score: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* LOW
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* HIGH
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-75
CWE Name: CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Source: fiveai

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).