cnvd - cnvd-2019-41857

cnvd-2019-41857

Vulnerability from cnvd

Title: Dolibarr ERP/CRM跨站请求伪造漏洞（CNVD-2019-41857）

Description:

Dolibarr ERP/CRM是法国Dolibarr基金会的一套基于Web的企业资源计划（ERP）和客户关系管理（CRM）系统。该系统可用来管理产品、库存、发票、订单等。

Dolibarr ERP/CRM 11.0.0-alpha版本中的Label字段存在跨站请求伪造漏洞，该漏洞源于WEB应用未充分验证请求是否来自可信用户，攻击者可利用该漏洞通过受影响客户端向服务器发送非预期的请求。

Severity: 中

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.dolibarr.org/

Reference: https://github.com/Dolibarr/dolibarr/issues/11671 https://nvd.nist.gov/vuln/detail/CVE-2019-15062

Impacted products

Name
Dolibarr ERP/CRM 11.0.0-alpha

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-15062"
    }
  },
  "description": "Dolibarr ERP/CRM\u662f\u6cd5\u56fdDolibarr\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eWeb\u7684\u4f01\u4e1a\u8d44\u6e90\u8ba1\u5212\uff08ERP\uff09\u548c\u5ba2\u6237\u5173\u7cfb\u7ba1\u7406\uff08CRM\uff09\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u53ef\u7528\u6765\u7ba1\u7406\u4ea7\u54c1\u3001\u5e93\u5b58\u3001\u53d1\u7968\u3001\u8ba2\u5355\u7b49\u3002\n\nDolibarr ERP/CRM 11.0.0-alpha\u7248\u672c\u4e2d\u7684Label\u5b57\u6bb5\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eWEB\u5e94\u7528\u672a\u5145\u5206\u9a8c\u8bc1\u8bf7\u6c42\u662f\u5426\u6765\u81ea\u53ef\u4fe1\u7528\u6237\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d7\u5f71\u54cd\u5ba2\u6237\u7aef\u5411\u670d\u52a1\u5668\u53d1\u9001\u975e\u9884\u671f\u7684\u8bf7\u6c42\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.dolibarr.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-41857",
  "openTime": "2019-11-22",
  "products": {
    "product": "Dolibarr ERP/CRM 11.0.0-alpha"
  },
  "referenceLink": "https://github.com/Dolibarr/dolibarr/issues/11671\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-15062",
  "serverity": "\u4e2d",
  "submitTime": "2019-08-14",
  "title": "Dolibarr ERP/CRM\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff08CNVD-2019-41857\uff09"
}

CVE-2019-15062 (GCVE-0-2019-15062)

Vulnerability from cvelistv5

Published

2019-08-14 22:54

Modified

2024-08-05 00:34

Severity ?

CWE

Summary

An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application's own settings pages, this mechanism is bypassed.)

References

▼	URL	Tags
	https://github.com/Dolibarr/dolibarr/issues/11671	x_refsource_MISC
	https://gauravnarwani.com/publications/CVE-2019-15062/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:34:53.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Dolibarr/dolibarr/issues/11671"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gauravnarwani.com/publications/CVE-2019-15062/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application\u0027s own settings pages, this mechanism is bypassed.)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-15T15:21:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Dolibarr/dolibarr/issues/11671"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gauravnarwani.com/publications/CVE-2019-15062/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application\u0027s own settings pages, this mechanism is bypassed.)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Dolibarr/dolibarr/issues/11671",
              "refsource": "MISC",
              "url": "https://github.com/Dolibarr/dolibarr/issues/11671"
            },
            {
              "name": "https://gauravnarwani.com/publications/CVE-2019-15062/",
              "refsource": "MISC",
              "url": "https://gauravnarwani.com/publications/CVE-2019-15062/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15062",
    "datePublished": "2019-08-14T22:54:51",
    "dateReserved": "2019-08-14T00:00:00",
    "dateUpdated": "2024-08-05T00:34:53.128Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted