CVE-2020-27358 (GCVE-0-2020-27358)
Vulnerability from cvelistv5 – Published: 2020-10-31 16:18 – Updated: 2024-08-04 16:11
VLAI
EPSS
VEX
Summary
An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another's conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey&thread_id={THREAD_ID}.
Severity
4.3 (Medium)
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.evms.edu/research/resources_services/… | x_refsource_MISC |
| https://www.ruse.tech/blog/38 | x_refsource_MISC |
| https://github.com/seb1055/cve-2020-27358-27359 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:36.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.evms.edu/research/resources_services/redcap/redcap_change_log/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ruse.tech/blog/38"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/seb1055/cve-2020-27358-27359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger\u0027s CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another\u0027s conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey\u0026thread_id={THREAD_ID}."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-02T13:01:22.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.evms.edu/research/resources_services/redcap/redcap_change_log/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruse.tech/blog/38"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/seb1055/cve-2020-27358-27359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger\u0027s CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another\u0027s conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey\u0026thread_id={THREAD_ID}."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.evms.edu/research/resources_services/redcap/redcap_change_log/",
"refsource": "MISC",
"url": "https://www.evms.edu/research/resources_services/redcap/redcap_change_log/"
},
{
"name": "https://www.ruse.tech/blog/38",
"refsource": "MISC",
"url": "https://www.ruse.tech/blog/38"
},
{
"name": "https://github.com/seb1055/cve-2020-27358-27359",
"refsource": "MISC",
"url": "https://github.com/seb1055/cve-2020-27358-27359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27358",
"datePublished": "2020-10-31T16:18:43.000Z",
"dateReserved": "2020-10-20T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:11:36.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-27358",
"date": "2026-07-12",
"epss": "0.02031",
"percentile": "0.78768"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.11.6\", \"versionEndExcluding\": \"10.0\", \"matchCriteriaId\": \"51C25902-74A8-42CF-A9EA-10E66B81E466\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger\u0027s CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another\u0027s conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey\u0026thread_id={THREAD_ID}.\"}, {\"lang\": \"es\", \"value\": \"Se detect\\u00f3 un problema en REDCap versiones 8.11.6 hasta 9.x anteriores a 10. La funcionalidad CSV de messenger (que permite a usuarios exportar sus hilos de conversaci\\u00f3n como CSV) permite a usuarios no privilegiados exportar los hilos de conversaci\\u00f3n de los dem\\u00e1s al cambiar el par\\u00e1metro thread_id en la petici\\u00f3n para el endpoint Messenger/messenger_download_csv.php?title=Hey\u0026amp;thread_id={THREAD_ID}\"}]",
"id": "CVE-2020-27358",
"lastModified": "2024-11-21T05:21:03.527",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-11-02T21:15:28.647",
"references": "[{\"url\": \"https://github.com/seb1055/cve-2020-27358-27359\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://www.ruse.tech/blog/38\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/seb1055/cve-2020-27358-27359\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://www.ruse.tech/blog/38\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-276\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-27358\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-11-02T21:15:28.647\",\"lastModified\":\"2024-11-21T05:21:03.527\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger\u0027s CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another\u0027s conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey\u0026thread_id={THREAD_ID}.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema en REDCap versiones 8.11.6 hasta 9.x anteriores a 10. La funcionalidad CSV de messenger (que permite a usuarios exportar sus hilos de conversaci\u00f3n como CSV) permite a usuarios no privilegiados exportar los hilos de conversaci\u00f3n de los dem\u00e1s al cambiar el par\u00e1metro thread_id en la petici\u00f3n para el endpoint Messenger/messenger_download_csv.php?title=Hey\u0026amp;thread_id={THREAD_ID}\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-276\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.11.6\",\"versionEndExcluding\":\"10.0\",\"matchCriteriaId\":\"51C25902-74A8-42CF-A9EA-10E66B81E466\"}]}]}],\"references\":[{\"url\":\"https://github.com/seb1055/cve-2020-27358-27359\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://www.ruse.tech/blog/38\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/seb1055/cve-2020-27358-27359\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.evms.edu/research/resources_services/redcap/redcap_change_log/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://www.ruse.tech/blog/38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…