cve-2024-27100
Vulnerability from cvelistv5
Published
2024-03-15 19:21
Modified
2024-08-02 00:27
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could render an instance inoperable. A site could be disrupted by either a malicious moderator on the same site or a malicious staff member on another site in the same multisite cluster. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
security-advisories@github.comhttps://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47
security-advisories@github.comhttps://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc
af854a3a-2127-422b-91ae-364da2661108https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47
af854a3a-2127-422b-91ae-364da2661108https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27100",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T16:16:38.459832Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:44.223Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:27:59.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc"
          },
          {
            "name": "https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "discourse",
          "vendor": "discourse",
          "versions": [
            {
              "status": "affected",
              "version": "stable \u003c= 3.2.0"
            },
            {
              "status": "affected",
              "version": "beta \u003c= 3.3.0.beta1"
            },
            {
              "status": "affected",
              "version": "tests-passed \u003c= 3.3.0.beta1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren\u0027t enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could render an instance inoperable. A site could be disrupted by either a malicious moderator on the same site or a malicious staff member on another site in the same multisite cluster. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-15T19:21:49.443Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc"
        },
        {
          "name": "https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47"
        }
      ],
      "source": {
        "advisory": "GHSA-xq4v-qg27-gxgc",
        "discovery": "UNKNOWN"
      },
      "title": "Denial of service via Staff Actions in Discourse"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-27100",
    "datePublished": "2024-03-15T19:21:49.443Z",
    "dateReserved": "2024-02-19T14:43:05.994Z",
    "dateUpdated": "2024-08-02T00:27:59.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-27100\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-15T20:15:08.490\",\"lastModified\":\"2024-11-21T09:03:51.563\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren\u0027t enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could render an instance inoperable. A site could be disrupted by either a malicious moderator on the same site or a malicious staff member on another site in the same multisite cluster. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. En las versiones afectadas, los endpoints para suspender usuarios, silenciar usuarios y exportar archivos CSV no impon\u00edan l\u00edmites en los tama\u00f1os de los par\u00e1metros que aceptaban. Esto podr\u00eda provocar un consumo excesivo de recursos que podr\u00eda dejar una instancia inoperable. Un sitio podr\u00eda verse interrumpido por un moderador malintencionado en el mismo sitio o por un miembro del personal malicioso en otro sitio en el mismo cl\u00faster multisitio. Este problema est\u00e1 solucionado en las \u00faltimas versiones estable, beta y de prueba de Discourse. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/discourse/discourse/commit/8cade1e825e90a66f440e820992d43c6905f4b47\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/discourse/discourse/security/advisories/GHSA-xq4v-qg27-gxgc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.