CVE-2023-43814

Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the `/polls/grouped_poll_results` endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where the results were intended to only be viewable by authorized users. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. There is no workaround for this issue apart from upgrading to the fixed version.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/discourse/discourse/security/advisories/GHSA-3x57-846g-7qcw	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:discourse:discourse:::::stable:::*
	cpe:2.3:a:discourse:discourse:3.2.0:beta1:::beta:::*

History

20 Oct 2023, 17:48

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 3.7
References	~~(MISC) https://github.com/discourse/discourse/security/advisories/GHSA-3x57-846g-7qcw -~~	(MISC) https://github.com/discourse/discourse/security/advisories/GHSA-3x57-846g-7qcw - Vendor Advisory
CPE		cpe:2.3:a:discourse:discourse:::::stable:::* cpe:2.3:a:discourse:discourse:3.2.0:beta1:::beta:::*
CWE	CWE-200 CWE-284	NVD-CWE-noinfo
First Time		Discourse Discourse discourse

16 Oct 2023, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-16 22:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-43814

Mitre link : CVE-2023-43814

CVE.ORG link : CVE-2023-43814

JSON object : View

Products Affected

discourse

discourse

CWE

NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-284

Improper Access Control

{"id": "CVE-2023-43814", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2023-10-16T22:15:12.317", "references": [{"url": "https://github.com/discourse/discourse/security/advisories/GHSA-3x57-846g-7qcw", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the `/polls/grouped_poll_results` endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where the results were intended to only be viewable by authorized users. This issue is patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. There is no workaround for this issue apart from upgrading to the fixed version.\n"}, {"lang": "es", "value": "Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. Los atacantes con detalles espec\u00edficos de una encuesta en un tema pueden usar el endpoint `/polls/grouped_poll_results` para ver el contenido de las opciones en la encuesta y el n\u00famero de votos de los grupos de participantes de la encuesta. Esto afecta las encuestas privadas cuyos resultados estaban destinados a ser vistos \u00fanicamente por usuarios autorizados. Este problema se solucion\u00f3 en las versiones 3.1.1 stable y 3.2.0.beta2 de Discourse. No existe ninguna workaround para este problema aparte de actualizar a la versi\u00f3n corregida."}], "lastModified": "2023-10-20T17:48:38.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*", "vulnerable": true, "matchCriteriaId": "6AC25048-A9DA-4EB4-A05B-33B6348539CA", "versionEndIncluding": "3.1.1"}, {"criteria": "cpe:2.3:a:discourse:discourse:3.2.0:beta1:*:*:beta:*:*:*", "vulnerable": true, "matchCriteriaId": "1BFF647B-6CEF-43BF-BF5E-C82B557F78E2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}