Improper Access Control

Affecting silverstripe/framework package, versions >=3.1.19, <3.1.20 || >=3.2.4, <3.2.5 || >=3.3.2, <3.3.3 || >=3.4.0, <3.4.1

Report new vulnerabilities
Do your applications use this vulnerable package? Test your applications

Overview

silverstripe/framework is a PHP framework forming the base for the SilverStripe CMS.

Affected versions of this package are vulnerable to Improper Access Control. The SS_Report, and the reports CMS section only checks canView() when listing the reports that can be viewed by the current user. It does not (and should) perform canView checks when the report is actually viewed, so if you know the URL to a report and can otherwise access the Reports section of the CMS, you can view any report.

Remediation

Upgrade silverstripe/framework to version 3.1.20, 3.2.5, 3.3.3, 3.4.1 or higher.

References

CVSS Score

5.3
medium severity
  • Attack Vector
    Network
  • Attack Complexity
    Low
  • Privileges Required
    None
  • User Interaction
    None
  • Scope
    Unchanged
  • Confidentiality
    Low
  • Integrity
    None
  • Availability
    None
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Credit
Matt Peel
CWE
CWE-284
Snyk ID
SNYK-PHP-SILVERSTRIPEFRAMEWORK-546514
Disclosed
05 Feb, 2020
Published
05 Feb, 2020