CVE-2023-49274 (GCVE-0-2023-49274)
Vulnerability from cvelistv5 – Published: 2023-12-12 19:10 – Updated: 2024-08-02 21:53
VLAI?
Title
Umbraco CMS SMTP misconfiguration exposes potential registered user email
Summary
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| umbraco | Umbraco-CMS |
Affected:
>= 8.0.0, < 8.18.10
Affected: >= 9.0.0-rc001, < 10.8.1 Affected: >= 11.0.0-rc1, < 12.3.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:53:44.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Umbraco-CMS",
"vendor": "umbraco",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.18.10"
},
{
"status": "affected",
"version": "\u003e= 9.0.0-rc001, \u003c 10.8.1"
},
{
"status": "affected",
"version": "\u003e= 11.0.0-rc1, \u003c 12.3.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T19:10:46.262Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c"
}
],
"source": {
"advisory": "GHSA-8qp8-9rpw-j46c",
"discovery": "UNKNOWN"
},
"title": "Umbraco CMS SMTP misconfiguration exposes potential registered user email"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49274",
"datePublished": "2023-12-12T19:10:46.262Z",
"dateReserved": "2023-11-24T16:45:24.311Z",
"dateUpdated": "2024-08-02T21:53:44.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-49274",
"date": "2026-05-05",
"epss": "0.00368",
"percentile": "0.58657"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndExcluding\": \"8.18.10\", \"matchCriteriaId\": \"FAFFD03D-00A2-4AA4-A727-FA10CFC1446F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.8.1\", \"matchCriteriaId\": \"03FE24B3-A0E4-4235-B990-51E9B6F877F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.0.0\", \"versionEndExcluding\": \"12.3.4\", \"matchCriteriaId\": \"AD471553-62B9-4DBB-8DF6-93F7C3A08957\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.\"}, {\"lang\": \"es\", \"value\": \"Umbraco es un sistema de gesti\\u00f3n de contenidos (CMS) ASP.NET. A partir de la versi\\u00f3n 8.0.0 y anteriores a las versiones 8.18.10, 10.8.1 y 12.3.4, es posible un ataque de enumeraci\\u00f3n de usuarios cuando SMTP no est\\u00e1 configurado correctamente, pero el restablecimiento de contrase\\u00f1a est\\u00e1 habilitado. Las versiones 8.18.10, 10.8.1 y 12.3.4 contienen un parche para este problema.\"}]",
"id": "CVE-2023-49274",
"lastModified": "2024-11-21T08:33:09.790",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}]}",
"published": "2023-12-12T20:15:07.993",
"references": "[{\"url\": \"https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-49274\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-12-12T20:15:07.993\",\"lastModified\":\"2024-11-21T08:33:09.790\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.\"},{\"lang\":\"es\",\"value\":\"Umbraco es un sistema de gesti\u00f3n de contenidos (CMS) ASP.NET. A partir de la versi\u00f3n 8.0.0 y anteriores a las versiones 8.18.10, 10.8.1 y 12.3.4, es posible un ataque de enumeraci\u00f3n de usuarios cuando SMTP no est\u00e1 configurado correctamente, pero el restablecimiento de contrase\u00f1a est\u00e1 habilitado. Las versiones 8.18.10, 10.8.1 y 12.3.4 contienen un parche para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.18.10\",\"matchCriteriaId\":\"FAFFD03D-00A2-4AA4-A727-FA10CFC1446F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.8.1\",\"matchCriteriaId\":\"03FE24B3-A0E4-4235-B990-51E9B6F877F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.3.4\",\"matchCriteriaId\":\"AD471553-62B9-4DBB-8DF6-93F7C3A08957\"}]}]}],\"references\":[{\"url\":\"https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-8qp8-9rpw-j46c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…