CVE-2023-2665

HIGH7.5EPSS 0.27%

RosarioSIS Stores Sensitive Data in a Mechanism without Access Control

發布日:2023/5/19修改日:2024/2/16

描述

RosarioSIS prior to 11.0 allows anyone, regardless of authentication status, to download and view file attachments under the `salaries` module. In addition, the file names contain a date in a `YYYY-MM-DD` format and a random six-string digit, making enumerating file names with automated tools relatively easy. This could allow an attacker to gain access to sensitive salary information. The patch for version 11.0 adds microseconds to filenames to make them harder to guess.

受影響套件(1)

Packagist/francoisjacquet/rosariosisfrom 0, < 11.0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

參考連結(4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-2665
PATCHhttps://github.com/francoisjacquet/rosariosis
WEBhttps://github.com/francoisjacquet/rosariosis/commit/09d5afaa6be07688ca1a7ac3b755b5438109e986
WEBhttps://huntr.dev/bounties/42f38a84-8954-484d-b5ff-706ca0918194