ghsa-c7pc-pgf6-mfh5
Vulnerability from github
Published: 2022-11-10 21:46
Modified: 2022-11-10 21:46
Summary
ezplatform-graphql GraphQL queries can expose password hashes
Details

Impact

Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically but not necessarily limited to administrators and editors.

Patches

Resolving versions: Ibexa DXP v1.0.13, v2.3.12

Workarounds

Remove the "passwordHash" entry from "src/bundle/Resources/config/graphql/User.types.yaml" in the GraphQL package. If you prefer, also remove other properties such as hash type, email and login.

References

This issue was reported to us by Philippe Tranca ("trancap") of the company Lexfo. We are very grateful for their research, and responsible disclosure to us of this critical vulnerability.

For more information

If you have any questions or comments about this advisory, please contact Support via your service portal.



{
   affected: [
      {
         package: {
            ecosystem: "Packagist",
            name: "ezsystems/ezplatform-graphql",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "1.0.0-rc1",
                  },
                  {
                     fixed: "1.0.13",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
      {
         package: {
            ecosystem: "Packagist",
            name: "ezsystems/ezplatform-graphql",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "2.0.0-beta1",
                  },
                  {
                     fixed: "2.3.12",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
   ],
   aliases: [
      "CVE-2022-41876",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-200",
         "CWE-922",
      ],
      github_reviewed: true,
      github_reviewed_at: "2022-11-10T21:46:14Z",
      nvd_published_at: "2022-11-10T21:15:00Z",
      severity: "HIGH",
   },
   details: "### Impact\nUnauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically but not necessarily limited to administrators and editors.\n\n### Patches\n\nResolving versions: Ibexa DXP v1.0.13, v2.3.12\n\n### Workarounds\nRemove the \"passwordHash\" entry from \"src/bundle/Resources/config/graphql/User.types.yaml\" in the GraphQL package, and other properties like hash type, email, login if you prefer.\n\n### References\n\nThis issue was reported to us by Philippe Tranca (\"trancap\") of the company Lexfo. We are very grateful for their research, and responsible disclosure to us of this critical vulnerability. \n\n### For more information\nIf you have any questions or comments about this advisory, please contact Support via your service portal.",
   id: "GHSA-c7pc-pgf6-mfh5",
   modified: "2022-11-10T21:46:14Z",
   published: "2022-11-10T21:46:14Z",
   references: [
      {
         type: "WEB",
         url: "https://github.com/ezsystems/ezplatform-graphql/security/advisories/GHSA-c7pc-pgf6-mfh5",
      },
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41876",
      },
      {
         type: "WEB",
         url: "https://developers.ibexa.co/security-advisories/ibexa-sa-2022-009-critical-vulnerabilities-in-graphql-role-assignment-ct-editing-and-drafts-tooltips",
      },
      {
         type: "PACKAGE",
         url: "https://github.com/ezsystems/ezplatform-graphql",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
         type: "CVSS_V3",
      },
   ],
   summary: "ezplatform-graphql GraphQL queries can expose password hashes",
}
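
The following is an added example, not part of the advisory or the project's own code: it checks a composer.lock for an ezsystems/ezplatform-graphql version that falls inside the affected ranges listed in the record above (introduced inclusive, fixed exclusive). The version parser is a simplified stand-in for Composer's own comparison, and the lock content is constructed sample data.

```python
import json
import re

PACKAGE = "ezsystems/ezplatform-graphql"
# (introduced, fixed) pairs copied from the advisory's "affected" ranges.
AFFECTED_RANGES = [("1.0.0-rc1", "1.0.13"), ("2.0.0-beta1", "2.3.12")]
# Pre-release ordering (dev < alpha < beta < RC < stable); "" is a plain release.
STABILITY = {"dev": 0, "alpha": 1, "a": 1, "beta": 2, "b": 2, "rc": 3, "": 4}
# Simplified pattern (assumption): numeric parts plus an optional pre-release tag.
VERSION_RE = re.compile(
    r"v?(\d+(?:\.\d+)*)(?:[-.]?(dev|alpha|beta|rc|a|b)\.?(\d*))?", re.I)


def version_key(version):
    """Turn '2.3.12', 'v1.0.0-rc1' or '2.0.0-beta1' into a sortable tuple."""
    m = VERSION_RE.fullmatch(version.strip())
    if not m:
        # Branch aliases such as 'dev-main' cannot be ranked; review them by hand.
        raise ValueError(f"unrecognised version: {version!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    nums += [0] * (3 - len(nums))  # pad so that 1.0 compares equal to 1.0.0
    tag = (m.group(2) or "").lower()
    return (tuple(nums), STABILITY[tag], int(m.group(3) or 0))


def is_affected(version):
    """True when introduced <= version < fixed for any advisory range."""
    key = version_key(version)
    return any(version_key(lo) <= key < version_key(hi)
               for lo, hi in AFFECTED_RANGES)


def check_lock(lock_text):
    """Return (installed_version, affected) for the package, or None if absent."""
    lock = json.loads(lock_text)
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        if pkg.get("name") == PACKAGE:
            return pkg["version"], is_affected(pkg["version"])
    return None


# Constructed composer.lock fragment, not taken from a real project.
SAMPLE_LOCK = json.dumps({"packages": [
    {"name": "symfony/yaml", "version": "v5.4.3"},
    {"name": PACKAGE, "version": "v2.3.11"},
]})

if __name__ == "__main__":
    print(check_lock(SAMPLE_LOCK))
```

A version outside both ranges only confirms the patched package is installed; a site that relied on the workaround instead still needs its User.types.yaml checked.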

