CVE-2022-24824 - Vulnerability Details - OpenCVE

Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Discourse	Discourse

Configuration 1 [-]

OR	cpe:2.3:a:discourse:discourse::::::::
	cpe:2.3:a:discourse:discourse:2.9.0:beta1::::::
	cpe:2.3:a:discourse:discourse:2.9.0:beta2::::::
	cpe:2.3:a:discourse:discourse:2.9.0:beta3::::::

No data.

References

Link	Providers
https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e
https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w

History

Wed, 23 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-04-14T21:15:14.000Z

Updated: 2025-04-23T18:39:45.193Z

Reserved: 2022-02-10T00:00:00.000Z

Link: CVE-2022-24824

Vulnrichment

Updated: 2024-08-03T04:20:50.534Z

NVD

Status : Modified

Published: 2022-04-14T22:15:07.827

Modified: 2024-11-21T06:51:10.793

Link: CVE-2022-24824

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "discourse", "vendor": "discourse", "versions": [{"status": "affected", "version": "< 2.8.3"}, {"status": "affected", "version": "< 2.9.0.beta4"}]}], "descriptions": [{"lang": "en", "value": "Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-829", "description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-14T21:15:14.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}], "source": {"advisory": "GHSA-46v9-3jc4-f53w", "discovery": "UNKNOWN"}, "title": "Anonymous user cache poisoning in discourse", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24824", "STATE": "PUBLIC", "TITLE": "Anonymous user cache poisoning in discourse"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "discourse", "version": {"version_data": [{"version_value": "< 2.8.3"}, {"version_value": "< 2.9.0.beta4"}]}}]}, "vendor_name": "discourse"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere"}]}]}, "references": {"reference_data": [{"name": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w", "refsource": "CONFIRM", "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"name": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e", "refsource": "MISC", "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}]}, "source": {"advisory": "GHSA-46v9-3jc4-f53w", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.534Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-23T15:55:38.536828Z", "id": "CVE-2022-24824", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T18:39:45.193Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24824", "datePublished": "2022-04-14T21:15:14.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-23T18:39:45.193Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"containers": {"cna": {"affected": [{"product": "discourse", "vendor": "discourse", "versions": [{"status": "affected", "version": "< 2.8.3"}, {"status": "affected", "version": "< 2.9.0.beta4"}]}], "descriptions": [{"lang": "en", "value": "Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-829", "description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-14T21:15:14.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}], "source": {"advisory": "GHSA-46v9-3jc4-f53w", "discovery": "UNKNOWN"}, "title": "Anonymous user cache poisoning in discourse", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24824", "STATE": "PUBLIC", "TITLE": "Anonymous user cache poisoning in discourse"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "discourse", "version": {"version_data": [{"version_value": "< 2.8.3"}, {"version_value": "< 2.9.0.beta4"}]}}]}, "vendor_name": "discourse"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere"}]}]}, "references": {"reference_data": [{"name": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w", "refsource": "CONFIRM", "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"name": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e", "refsource": "MISC", "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}]}, "source": {"advisory": "GHSA-46v9-3jc4-f53w", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.534Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-24824", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-23T15:55:38.536828Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T15:55:39.978Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24824", "datePublished": "2022-04-14T21:15:14.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-23T18:39:45.193Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9653E97-F0B1-4559-AF43-F202A84403D2", "versionEndExcluding": "2.8.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B3803EF9-A296-42B7-887F-93C5E68E94C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "8BA3D313-3C11-43E2-A47D-CBB532D1B6F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "6F42673E-65F3-4807-9484-20CB747420FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Discourse is an open source platform for community discussion. In affected versions an attacker can poison the cache for anonymous (i.e. not logged in) users, such that the users are shown the crawler view of the site instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are no known workarounds for this issue."}, {"lang": "es", "value": "Discourse es una plataforma de c\u00f3digo abierto para la discusi\u00f3n comunitaria. En las versiones afectadas, un atacante puede envenenar la cach\u00e9 para usuarios an\u00f3nimos (es decir, que no han iniciado sesi\u00f3n), de tal manera que a usuarios les es mostrado la vista del rastreador del sitio en lugar de la p\u00e1gina HTML. Esto puede conllevar a una denegaci\u00f3n de servicio parcial. Este problema est\u00e1 parcheado en las \u00faltimas versiones estables, beta y de prueba de Discourse. No se presentan medidas de mitigaci\u00f3n conocidas para este problema"}], "id": "CVE-2022-24824", "lastModified": "2024-11-21T06:51:10.793", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-14T22:15:07.827", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/discourse/discourse/commit/b72b0dac10493d09f4f9eb8f3c3ce7817295e34e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/discourse/discourse/security/advisories/GHSA-46v9-3jc4-f53w"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "security-advisories@github.com", "type": "Secondary"}]}