Detections
Analytics
Strapi < 4.8.0 Private Fields Sensitive Information Disclosure
medium Web App Scanning Plugin ID 114108
Language:
Synopsis
Strapi < 4.8.0 Private Fields Sensitive Information DisclosureDescription
Strapi is a popular open-source headless Content Management System (CMS) written in Node.js. Strapi versions before 4.8.0 suffer from an information disclosure vulnerability through collections private fields. By manipulating public collections query filters, a remote and unauthenticated attacker can infer sensitive information like encrypted password or password reset tokens by analyzing response discrepancies. Upon successful exploitation, the attacker can gain administrative access to the Strapi administration panel.Solution
Upgrade Strapi to version 4.8.0 or later.See Also
https://github.com/strapi/strapi/security/advisories/GHSA-jjqf-j4w7-92w8
https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve
Plugin Details
Severity: Medium
ID: 114108
Type: remote
Family: Component Vulnerability
Published: 11/15/2023
Updated: 11/15/2023
Scan Template: basic, full, pci, scan
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 6.1
Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:N/A:N
CVSS Score Source: CVE-2023-22894
CVSS v3
Risk Factor: Medium
Base Score: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVSS Score Source: CVE-2023-22894
Vulnerability Information
CPE: cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 4/18/2023
Reference Information
CVE: CVE-2023-22894
OWASP: 2010-A6, 2010-A8, 2013-A2, 2013-A5, 2013-A7, 2013-A9, 2017-A5, 2017-A6, 2017-A9, 2021-A1, 2021-A4, 2021-A6
WASC: Application Misconfiguration, Authentication Bypass, Information Leakage, Insufficient Authorization
CAPEC: 116, 122, 13, 169, 19, 22, 224, 233, 285, 287, 290, 291, 292, 293, 294, 295, 296, 297, 298, 299, 300, 301, 302, 303, 304, 305, 306, 307, 308, 309, 310, 312, 313, 317, 318, 319, 320, 321, 322, 323, 324, 325, 326, 327, 328, 329, 330, 441, 472, 478, 479, 497, 502, 503, 508, 536, 546, 550, 551, 552, 556, 558, 562, 563, 564, 573, 574, 575, 576, 577, 578, 58, 59, 60, 616, 643, 646, 651, 79
DISA STIG: APSC-DV-000460, APSC-DV-000500, APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2), 164.312(a)(1), 164.312(a)(2)(i)
ISO: 27001-A.13.1.1, 27001-A.14.1.2, 27001-A.14.1.3, 27001-A.14.2.5, 27001-A.18.1.3, 27001-A.6.2.2, 27001-A.9.1.2, 27001-A.9.4.1, 27001-A.9.4.4, 27001-A.9.4.5
NIST: sp800_53-AC-3, sp800_53-CM-6b, sp800_53-SI-15
OWASP API: 2019-API7, 2023-API8
OWASP ASVS: 4.0.2-1.4.2, 4.0.2-14.2.1, 4.0.2-8.3.4