cnvd - cnvd-2022-05859

cnvd-2022-05859

Vulnerability from cnvd

Title: Deck存在未明漏洞

Description:

Deck是一个看板风格的组织工具。旨在为与Nextcloud集成的团队进行个人规划和项目组织。

Deck存在安全漏洞，该漏洞源于Deck应用程序没有正确地检查Circle中的用户成员。攻击者可利用漏洞允许实例中的其他用户访问已与Circle共享的面板内容，即使该用户不是该Circle的成员。

Severity: 中

Patch Name: Deck存在未明漏洞的补丁

Patch Description:

Deck是一个看板风格的组织工具。旨在为与Nextcloud集成的团队进行个人规划和项目组织。

Deck存在安全漏洞，该漏洞源于Deck应用程序没有正确地检查Circle中的用户成员。攻击者可利用漏洞允许实例中的其他用户访问已与Circle共享的面板内容，即使该用户不是该Circle的成员。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-37631

Impacted products

Name
['Nextcloud Deck 1.5.1', 'Nextcloud Deck 1.4.4', 'Nextcloud Deck 1.2.9']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-37631"
    }
  },
  "description": "Deck\u662f\u4e00\u4e2a\u770b\u677f\u98ce\u683c\u7684\u7ec4\u7ec7\u5de5\u5177\u3002\u65e8\u5728\u4e3a\u4e0eNextcloud\u96c6\u6210\u7684\u56e2\u961f\u8fdb\u884c\u4e2a\u4eba\u89c4\u5212\u548c\u9879\u76ee\u7ec4\u7ec7\u3002\n\nDeck\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eDeck\u5e94\u7528\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u5730\u68c0\u67e5Circle\u4e2d\u7684\u7528\u6237\u6210\u5458\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5141\u8bb8\u5b9e\u4f8b\u4e2d\u7684\u5176\u4ed6\u7528\u6237\u8bbf\u95ee\u5df2\u4e0eCircle\u5171\u4eab\u7684\u9762\u677f\u5185\u5bb9\uff0c\u5373\u4f7f\u8be5\u7528\u6237\u4e0d\u662f\u8be5Circle\u7684\u6210\u5458\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-05859",
  "openTime": "2022-01-23",
  "patchDescription": "Deck\u662f\u4e00\u4e2a\u770b\u677f\u98ce\u683c\u7684\u7ec4\u7ec7\u5de5\u5177\u3002\u65e8\u5728\u4e3a\u4e0eNextcloud\u96c6\u6210\u7684\u56e2\u961f\u8fdb\u884c\u4e2a\u4eba\u89c4\u5212\u548c\u9879\u76ee\u7ec4\u7ec7\u3002\r\n\r\nDeck\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eDeck\u5e94\u7528\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u5730\u68c0\u67e5Circle\u4e2d\u7684\u7528\u6237\u6210\u5458\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5141\u8bb8\u5b9e\u4f8b\u4e2d\u7684\u5176\u4ed6\u7528\u6237\u8bbf\u95ee\u5df2\u4e0eCircle\u5171\u4eab\u7684\u9762\u677f\u5185\u5bb9\uff0c\u5373\u4f7f\u8be5\u7528\u6237\u4e0d\u662f\u8be5Circle\u7684\u6210\u5458\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Deck\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Nextcloud Deck 1.5.1",
      "Nextcloud Deck 1.4.4",
      "Nextcloud Deck 1.2.9"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-37631",
  "serverity": "\u4e2d",
  "submitTime": "2021-09-09",
  "title": "Deck\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2021-37631 (GCVE-0-2021-37631)

Vulnerability from cvelistv5

Published

2021-09-07 19:50

Modified

2024-08-04 01:23

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-639 - Authorization Bypass Through User-Controlled Key

Summary

Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle. It is recommended that Nextcloud Deck is upgraded to 1.5.1, 1.4.4 or 1.2.9. If you are unable to update it is advised to disable the Deck plugin.

References

▼	URL	Tags
	https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr	x_refsource_CONFIRM
	https://github.com/nextcloud/deck/pull/3217	x_refsource_MISC
	https://hackerone.com/reports/1256021	x_refsource_MISC
	https://hackerone.com/reports/1280931	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	nextcloud	security-advisories	Version: < 1.2.9 Version: >= 1.3.0, < 1.4.4 Version: >= 1.5.0, < 1.5.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:23:01.348Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/deck/pull/3217"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1256021"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1280931"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "security-advisories",
          "vendor": "nextcloud",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.2.9"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.3.0, \u003c 1.4.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.5.0, \u003c 1.5.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn\u0027t properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle. It is recommended that Nextcloud Deck is upgraded to 1.5.1, 1.4.4 or 1.2.9. If you are unable to update it is advised to disable the Deck plugin."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-639",
              "description": "CWE-639: Authorization Bypass Through User-Controlled Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-07T19:50:11",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/deck/pull/3217"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/1256021"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/1280931"
        }
      ],
      "source": {
        "advisory": "GHSA-4mxp-j277-82hr",
        "discovery": "UNKNOWN"
      },
      "title": "Circle can be accessed by non-Circle members in Nextcloud Deck",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-37631",
          "STATE": "PUBLIC",
          "TITLE": "Circle can be accessed by non-Circle members in Nextcloud Deck"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "security-advisories",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.2.9"
                          },
                          {
                            "version_value": "\u003e= 1.3.0, \u003c 1.4.4"
                          },
                          {
                            "version_value": "\u003e= 1.5.0, \u003c 1.5.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "nextcloud"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn\u0027t properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle. It is recommended that Nextcloud Deck is upgraded to 1.5.1, 1.4.4 or 1.2.9. If you are unable to update it is advised to disable the Deck plugin."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-639: Authorization Bypass Through User-Controlled Key"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr",
              "refsource": "CONFIRM",
              "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4mxp-j277-82hr"
            },
            {
              "name": "https://github.com/nextcloud/deck/pull/3217",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/deck/pull/3217"
            },
            {
              "name": "https://hackerone.com/reports/1256021",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/1256021"
            },
            {
              "name": "https://hackerone.com/reports/1280931",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/1280931"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-4mxp-j277-82hr",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-37631",
    "datePublished": "2021-09-07T19:50:11",
    "dateReserved": "2021-07-29T00:00:00",
    "dateUpdated": "2024-08-04T01:23:01.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted