CVE-2021-43820

Published: Dic 14, 2021 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2021-30702 Aliases: GSD-2021-43820

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,4

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: none

MEDIUM 4,3

Source: [email protected]

Access Vector: network

Access Complexity: medium

Authentication: none

Confidentiality: partial

Integrity: none

Availability: none

Description

AI Translation Available

Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether the token exist in the cache. However, if the token exists in cache, the server doesn't check whether it's associated with the specific library in the URL. This vulnerability makes it possible to use any valid sync token to access data from any **known** library. Note that the attacker has to first find out the ID of a library which it has no access to. The library ID is a random UUID, which is not possible to be guessed. There are no workarounds for this issue.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0031

Percentile

0,5th

Updated

EPSS Score Trend (Last 91 Days)

639

Authorization Bypass Through User-Controlled Key

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism Gain Privileges Or Assume Identity

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: High

View CWE Details

Application

Seafile Server by Seafile

Product Information

Vendor Seafile

Product Seafile Server

Version Range Affected

To 8.0.15 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:seafile:seafile_server:*:*:*:*:professional:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Seafile Server by Seafile

Product Information

Vendor Seafile

Product Seafile Server

Version Range Affected

From 9.0.0 (inclusive)

To 9.0.2 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:seafile:seafile_server:*:*:*:*:community:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Seafile Server by Seafile

Product Information

Vendor Seafile

Product Seafile Server

Version Range Affected

To 8.0.8 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:seafile:seafile_server:*:*:*:*:community:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://github.com/haiwen/seafile-server/pull/520

Patch Third Party Advisory

https://github.com/haiwen/seafile-server/pull/520

https://github.com/haiwen/seafile-server/security/advisorie…

Third Party Advisory

https://github.com/haiwen/seafile-server/security/advisories/GHSA-m3wc-jv6r-hvv8

https://github.com/haiwen/seafile-server/pull/520

Patch Third Party Advisory

https://github.com/haiwen/seafile-server/pull/520

https://github.com/haiwen/seafile-server/security/advisorie…

Third Party Advisory

https://github.com/haiwen/seafile-server/security/advisories/GHSA-m3wc-jv6r-hvv8

CVE-2021-43820

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 91 Days)

Authorization Bypass Through User-Controlled Key

Common Consequences

Applicable Platforms

Seafile Server by Seafile

Product Information

Seafile Server by Seafile

Product Information

Seafile Server by Seafile

Product Information

Iscriviti alla newsletter