CVE-2021-33031 - Vulnerability Details - OpenCVE

In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized actions for users without access to user management in order to, after successful exploitation, gain access to a victim's account. A user without the user-management privilege can change another user's email address if the attacker knows details of the victim such as the exact roles and group roles, ID, and remote authentication ID settings. These must be sent in a modified save API request. It was fixed in 6.3.0.03.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Labcup	Labcup

Configuration 1 [-]

cpe:2.3:a:labcup:labcup:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md
https://labcup.net/privacy-data-security/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-06-10T15:28:01

Updated: 2024-08-03T23:42:19.139Z

Reserved: 2021-05-14T00:00:00

Link: CVE-2021-33031

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-06-10T16:15:08.157

Modified: 2024-11-21T06:08:09.493

Link: CVE-2021-33031

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized actions for users without access to user management in order to, after successful exploitation, gain access to a victim's account. A user without the user-management privilege can change another user's email address if the attacker knows details of the victim such as the exact roles and group roles, ID, and remote authentication ID settings. These must be sent in a modified save API request. It was fixed in 6.3.0.03."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-10T15:28:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md"}, {"tags": ["x_refsource_MISC"], "url": "https://labcup.net/privacy-data-security/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33031", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized actions for users without access to user management in order to, after successful exploitation, gain access to a victim's account. A user without the user-management privilege can change another user's email address if the attacker knows details of the victim such as the exact roles and group roles, ID, and remote authentication ID settings. These must be sent in a modified save API request. It was fixed in 6.3.0.03."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md", "refsource": "MISC", "url": "https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md"}, {"name": "https://labcup.net/privacy-data-security/", "refsource": "MISC", "url": "https://labcup.net/privacy-data-security/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:42:19.139Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://labcup.net/privacy-data-security/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-33031", "datePublished": "2021-06-10T15:28:01", "dateReserved": "2021-05-14T00:00:00", "dateUpdated": "2024-08-03T23:42:19.139Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:labcup:labcup:*:*:*:*:*:*:*:*", "matchCriteriaId": "FEAAA149-D0FD-4F20-A2D1-5D6B3D6914E7", "versionEndExcluding": "v2_next_18022", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized actions for users without access to user management in order to, after successful exploitation, gain access to a victim's account. A user without the user-management privilege can change another user's email address if the attacker knows details of the victim such as the exact roles and group roles, ID, and remote authentication ID settings. These must be sent in a modified save API request. It was fixed in 6.3.0.03."}, {"lang": "es", "value": "En LabCup versiones anteriores a v2_next_18022, es posible usar la API de guardado para llevar a cabo acciones no autorizadas para los usuarios sin acceso a la gesti\u00f3n de usuarios para, despu\u00e9s de una explotaci\u00f3n con \u00e9xito, conseguir acceso a la cuenta de la v\u00edctima. Un usuario sin el privilegio de gesti\u00f3n de usuarios puede cambiar la direcci\u00f3n de correo electr\u00f3nico de otro usuario si el atacante conoce los detalles de la v\u00edctima, como los roles exactos y los roles de grupo, la ID y la configuraci\u00f3n de la ID de autenticaci\u00f3n remota. Estos deben ser enviados en una petici\u00f3n modificada de la API de guardado. Se ha corregido en la versi\u00f3n 6.3.0.03"}], "id": "CVE-2021-33031", "lastModified": "2024-11-21T06:08:09.493", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-10T16:15:08.157", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://labcup.net/privacy-data-security/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://labcup.net/privacy-data-security/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}