Vulnerabilities related to spree - spree
CVE-2020-26223 (GCVE-0-2020-26223)
Vulnerability from cvelistv5
Published
2020-11-13 17:25
Modified
2024-08-04 15:49
CWE
- CWE-863 - Incorrect Authorization
Summary
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. An attacker could query the API v2 Order Status endpoint with an empty string passed as the order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11, depending on the Spree version in use. Users of Spree < 3.7 are not affected.
References
| URL | Tags |
---|---|---|
https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr | x_refsource_CONFIRM | |
https://github.com/spree/spree/pull/10573 | x_refsource_MISC | |
https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:49:07.219Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/spree/spree/pull/10573" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "spree", "vendor": "spree", "versions": [ { "status": "affected", "version": "\u003e= 3.7.0, \u003c 3.7.13" }, { "status": "affected", "version": "\u003e= 4.0.0, \u003c 4.0.5" }, { "status": "affected", "version": "\u003e= 4.1.0, \u003c 4.1.12" } ] } ], "descriptions": [ { "lang": "en", "value": "Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree \u003c 3.7 are not affected." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-11-13T17:25:20", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/spree/spree/pull/10573" }, { "tags": [ "x_refsource_MISC" ], "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ], "source": { "advisory": "GHSA-m2jr-hmc3-qmpr", "discovery": "UNKNOWN" }, "title": "Authorization bypass in Spree", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26223", "STATE": "PUBLIC", "TITLE": "Authorization bypass in Spree" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "spree", "version": { "version_data": [ { "version_value": "\u003e= 3.7.0, \u003c 3.7.13" }, { "version_value": "\u003e= 4.0.0, \u003c 4.0.5" }, { "version_value": "\u003e= 4.1.0, \u003c 4.1.12" } ] } } ] }, "vendor_name": "spree" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. 
The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree \u003c 3.7 are not affected." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-863: Incorrect Authorization" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr", "refsource": "CONFIRM", "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "name": "https://github.com/spree/spree/pull/10573", "refsource": "MISC", "url": "https://github.com/spree/spree/pull/10573" }, { "name": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status", "refsource": "MISC", "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ] }, "source": { "advisory": "GHSA-m2jr-hmc3-qmpr", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-26223", "datePublished": "2020-11-13T17:25:20", "dateReserved": "2020-10-01T00:00:00", "dateUpdated": "2024-08-04T15:49:07.219Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-15269 (GCVE-0-2020-15269)
Vulnerability from cvelistv5
Published
2020-10-20 20:15
Modified
2024-08-04 13:15
Summary
In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4, and 4.1.11. A workaround that does not require upgrading is described in the linked advisory.
References
| URL | Tags |
---|---|---|
https://github.com/spree/spree/security/advisories/GHSA-f8cm-364f-q9qh | x_refsource_CONFIRM | |
https://github.com/spree/spree/commit/e43643abfe51f54bd9208dd02298b366e9b9a847 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:15:18.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-f8cm-364f-q9qh" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/spree/spree/commit/e43643abfe51f54bd9208dd02298b366e9b9a847" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "spree", "vendor": "spree", "versions": [ { "status": "affected", "version": "\u003c 3.7.11" }, { "status": "affected", "version": "\u003e= 4.0.0, \u003c 4.0.4" }, { "status": "affected", "version": "\u003e= 4.1.0, \u003c 4.1.11" } ] } ], "descriptions": [ { "lang": "en", "value": "In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "{\"CWE-287\":\"Improper Authentication\"}", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-613", "description": "{\"CWE-613\":\"Insufficient Session Expiration\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-20T20:15:14", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-f8cm-364f-q9qh" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/spree/spree/commit/e43643abfe51f54bd9208dd02298b366e9b9a847" } ], "source": { "advisory": "GHSA-f8cm-364f-q9qh", "discovery": "UNKNOWN" }, "title": "Expired token reuse in Spree", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15269", "STATE": "PUBLIC", "TITLE": "Expired token reuse in Spree" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "spree", "version": { "version_data": [ { "version_value": "\u003c 3.7.11" }, { "version_value": "\u003e= 4.0.0, \u003c 4.0.4" }, { "version_value": "\u003e= 4.1.0, \u003c 4.1.11" } ] } } ] }, "vendor_name": "spree" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. 
The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-287\":\"Improper Authentication\"}" } ] }, { "description": [ { "lang": "eng", "value": "{\"CWE-613\":\"Insufficient Session Expiration\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/spree/spree/security/advisories/GHSA-f8cm-364f-q9qh", "refsource": "CONFIRM", "url": "https://github.com/spree/spree/security/advisories/GHSA-f8cm-364f-q9qh" }, { "name": "https://github.com/spree/spree/commit/e43643abfe51f54bd9208dd02298b366e9b9a847", "refsource": "MISC", "url": "https://github.com/spree/spree/commit/e43643abfe51f54bd9208dd02298b366e9b9a847" } ] }, "source": { "advisory": "GHSA-f8cm-364f-q9qh", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15269", "datePublished": "2020-10-20T20:15:14", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:15:18.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }