CVE-2024-27921

{"id": "CVE-2024-27921", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-03-21T22:15:11.137", "references": [{"url": "https://github.com/getgrav/grav/commit/5928411b86bab05afca2b33db4e7386a44858e99", "source": "security-advisories@github.com"}, {"url": "https://github.com/getgrav/grav/security/advisories/GHSA-m7hx-hw6h-mqmc", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses severe risks, that can allow attackers to inject arbitrary code on the server, undermine integrity of backup files by overwriting existing files or creating new ones, and exfiltrate sensitive data using CSS exfiltration techniques. Upgrading to patched version 1.7.45 can mitigate the issue."}, {"lang": "es", "value": "Grav es un sistema de gesti\u00f3n de contenidos de archivos planos de c\u00f3digo abierto. Se identific\u00f3 una vulnerabilidad de path traversal de carga de archivos en la aplicaci\u00f3n anterior a la versi\u00f3n 1.7.45, lo que permite a los atacantes reemplazar o crear archivos con extensiones como .json, .zip, .css, .gif, etc. Esta falla de seguridad cr\u00edtica plantea riesgos graves , que puede permitir a los atacantes inyectar c\u00f3digo arbitrario en el servidor, socavar la integridad de los archivos de respaldo sobrescribiendo archivos existentes o creando otros nuevos, y exfiltrar datos confidenciales utilizando t\u00e9cnicas de exfiltraci\u00f3n CSS. Actualizar a la versi\u00f3n parcheada 1.7.45 puede mitigar el problema."}], "lastModified": "2024-03-22T12:45:36.130", "sourceIdentifier": "security-advisories@github.com"}