CVE-2021-43830

{"id": "CVE-2021-43830", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 3.1}]}, "published": "2021-12-14T20:15:07.813", "references": [{"url": "https://github.com/opf/openproject/pull/9983", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/opf/openproject/pull/9983.patch", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/opf/openproject/releases/tag/v12.0.4", "tags": ["Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/opf/openproject/security/advisories/GHSA-f565-3whr-6m96", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "OpenProject is a web-based project management software. OpenProject versions >= 12.0.0 are vulnerable to a SQL injection in the budgets module. For authenticated users with the \"Edit budgets\" permission, the request to reassign work packages to another budget unsufficiently sanitizes user input in the `reassign_to_id` parameter. The vulnerability has been fixed in version 12.0.4. Versions prior to 12.0.0 are not affected. If you're upgrading from an older version, ensure you are upgrading to at least version 12.0.4. If you are unable to upgrade in a timely fashion, the following patch can be applied: https://github.com/opf/openproject/pull/9983.patch"}, {"lang": "es", "value": "OpenProject es un software de administraci\u00f3n de proyectos basado en la web. OpenProject versiones posteriores a 12.0.0 incluy\u00e9ndola, son vulnerables a una inyecci\u00f3n SQL en el m\u00f3dulo budgets. Para los usuarios autenticados con el permiso \"Edit budgets\", la petici\u00f3n para reasignar paquetes de trabajo a otro presupuesto no sanea suficientemente la entrada del usuario en el par\u00e1metro \"reassign_to_id\". La vulnerabilidad ha sido corregida en la versi\u00f3n 12.0.4. Las versiones anteriores a la 12.0.0 no est\u00e1n afectadas. Si est\u00e1 actualizando desde una versi\u00f3n anterior, aseg\u00farese de que est\u00e1 actualizando al menos a la versi\u00f3n 12.0.4. Si no puede actualizar a tiempo, puede aplicar el siguiente parche: https://github.com/opf/openproject/pull/9983.patch"}], "lastModified": "2021-12-20T16:47:26.213", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openproject:openproject:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DB8D80E-6001-4F98-98AE-4E96A774E4A7", "versionEndExcluding": "12.0.4", "versionStartIncluding": "12.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}