Auto-merge PR#1335

2025-08-04 08:44:25 +00:00 · 2021-04-13 15:45:21 -04:00 · 2021-04-13 15:45:21 -04:00 · 8d64d4eb8a
commit 8d64d4eb8a
parent e27dccae8f 6f4a8b28d7
1 changed files with 71 additions and 6 deletions
--- a/2021/29xxx/CVE-2021-29439.json
+++ b/2021/29xxx/CVE-2021-29439.json
@ -1,18 +1,83 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
+        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2021-29439",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC",
+        "TITLE": "Plugins can be installed with minimal admin privileges"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "grav-plugin-admin",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "< 1.10.11"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "getgrav"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission `admin.login` can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitive and elevate their privileges on the instance.\nThe vulnerability has been addressed in version 1.10.11.\nAs a mitigation blocking access to the `/admin` path from untrusted sources will reduce the probability of exploitation. "
            }
        ]
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "LOW",
+            "attackVector": "NETWORK",
+            "availabilityImpact": "HIGH",
+            "baseScore": 7.2,
+            "baseSeverity": "HIGH",
+            "confidentialityImpact": "HIGH",
+            "integrityImpact": "HIGH",
+            "privilegesRequired": "HIGH",
+            "scope": "UNCHANGED",
+            "userInteraction": "NONE",
+            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+            "version": "3.1"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "{\"CWE-863\":\"Incorrect Authorization\"}"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "name": "https://github.com/getgrav/grav-plugin-admin/security/advisories/GHSA-wg37-cf5x-55hq",
+                "refsource": "CONFIRM",
+                "url": "https://github.com/getgrav/grav-plugin-admin/security/advisories/GHSA-wg37-cf5x-55hq"
+            }
+        ]
+    },
+    "source": {
+        "advisory": "GHSA-wg37-cf5x-55hq",
+        "discovery": "UNKNOWN"
    }
 }