cve-2022-31096
Vulnerability from cvelistv5
Published
2022-06-27 21:35
Modified
2025-04-23 18:06
Severity ?
EPSS score ?
0.09%
(0.27583)
Summary
Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:11:39.652Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-31096", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-23T14:04:21.111816Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-23T18:06:39.810Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "discourse", vendor: "discourse", versions: [ { status: "affected", version: "< 2.8.5; stable branch", }, { status: "affected", version: "< 2.9.0.beta6; beta brach", }, ], }, ], descriptions: [ { lang: "en", value: "Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-281", description: "CWE-281: Improper Preservation of Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-27T21:35:10.000Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r", }, ], source: { advisory: "GHSA-rvp8-459h-282r", discovery: "UNKNOWN", }, title: "Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-31096", STATE: "PUBLIC", TITLE: "Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "discourse", version: { version_data: [ { version_value: "< 2.8.5; stable branch", }, { version_value: "< 2.9.0.beta6; beta brach", }, ], }, }, ], }, vendor_name: "discourse", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-281: Improper Preservation of Permissions", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r", refsource: "CONFIRM", url: "https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r", }, ], }, source: { advisory: "GHSA-rvp8-459h-282r", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31096", datePublished: "2022-06-27T21:35:10.000Z", dateReserved: "2022-05-18T00:00:00.000Z", dateUpdated: "2025-04-23T18:06:39.810Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2022-31096\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-06-27T22:15:09.123\",\"lastModified\":\"2024-11-21T07:03:53.193\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue.\"},{\"lang\":\"es\",\"value\":\"Discourse es una plataforma de debate de código abierto. Bajo determinadas condiciones, un usuario conectado puede canjear una invitación con un correo electrónico que o bien no coincide con el correo electrónico de la invitación o no es adherido a la restricción de dominio de correo electrónico de un enlace de invitación. El impacto de este fallo es agravado cuando la invitación ha sido configurada para añadir al usuario que acepta la invitación a grupos restringidos. Una vez que un usuario ha sido añadido incorrectamente a un grupo restringido, el usuario puede entonces ser capaz de visualizar contenidos que están restringidos al grupo respectivo. Es recomendado a usuarios actualizar a versiones estables actuales. No se presentan mitigaciones conocidas para este problema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:S/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.8.4\",\"matchCriteriaId\":\"369D642C-A8FC-423F-8A49-D9ECCE3D7B32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.9.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3803EF9-A296-42B7-887F-93C5E68E94C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.9.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA3D313-3C11-43E2-A47D-CBB532D1B6F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.9.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F42673E-65F3-4807-9484-20CB747420FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.9.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B91D023-FCE5-4866-AD8B-BBB675763104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse:2.9.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0086484D-0164-449C-8AAE-BE7479CB9706\"}]}]}],\"references\":[{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:11:39.652Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31096\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T14:04:21.111816Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T14:04:22.455Z\"}}], \"cna\": {\"title\": \"Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse\", \"source\": {\"advisory\": \"GHSA-rvp8-459h-282r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"discourse\", \"product\": \"discourse\", \"versions\": [{\"status\": \"affected\", \"version\": \"< 2.8.5; stable branch\"}, {\"status\": \"affected\", \"version\": \"< 2.9.0.beta6; beta brach\"}]}], \"references\": [{\"url\": \"https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-281\", \"description\": \"CWE-281: Improper Preservation of Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-06-27T21:35:10.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"GHSA-rvp8-459h-282r\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"< 2.8.5; stable branch\"}, {\"version_value\": \"< 2.9.0.beta6; beta brach\"}]}, \"product_name\": \"discourse\"}]}, \"vendor_name\": \"discourse\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r\", \"name\": \"https://github.com/discourse/discourse/security/advisories/GHSA-rvp8-459h-282r\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may then be able to view content which that are restricted to the respective group. Users are advised to upgrade to the current stable releases. There are no known workarounds to this issue.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-281: Improper Preservation of Permissions\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-31096\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Invites restricted to an email or invite links restricted to an email domain may be bypassed by a under certain conditions in Discourse\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}", cveMetadata: "{\"cveId\": \"CVE-2022-31096\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T18:06:39.810Z\", \"dateReserved\": \"2022-05-18T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-06-27T21:35:10.000Z\", \"assignerShortName\": \"GitHub_M\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.