SCA: security update for org.xwiki.platform:xwiki-platform-oldcore (GHSA-v782-xr4w-3vqx)

medium Tenable Self-Hosted Container Security Plugin ID 419152

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19,
15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the
history whenever the object storing the password is deleted. Using that vulnerability it's possible for an
attacker to have access to the hash password of a user if they have rights to edit the users' page. With
the default right scheme in XWiki this vulnerability is normally prevented on user profiles, except by
users with Admin rights. Note that this vulnerability also impacts any extensions that might use passwords
stored in xobjects: for those usecases it depends on the right of those pages. There is currently no way
to be 100% sure that this vulnerability has been exploited, as an attacker with enough privilege could
have deleted the revision where the xobject was deleted after rolling-back the deletion. But again, this
operation requires high privileges on the target page (Admin right). A page with a user password xobject
which have in its history a revision where the object has been deleted should be considered at risk and
the password should be changed there. a diff, to ensure it's not coming from a password field. As another
mitigation, admins should ensure that the user pages are properly protected: the edit right shouldn't be
allowed for other users than Admin and owner of the profile (which is the default right). There is not
much workaround possible for a privileged user other than upgrading XWiki. (CVE-2024-31464)

See Also

https://github.com/advisories/GHSA-v782-xr4w-3vqx

Plugin Details

Severity: Medium

ID: 419152

Version: Revision 1.19

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.9

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 4.5

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:N/A:N

CVSS Score Source: CVE-2024-31464

CVSS v3

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 4/10/2024

Vulnerability Publication Date: 4/10/2024

Reference Information

CVE: CVE-2024-31464