2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2017-15198" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2017-10-11T01:32:54.550" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T03:14:11.690" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user."
} ,
{
"lang" : "es" ,
"value" : "En Kanboard en versiones anteriores a 1.0.47, al alterar los datos del formulario, un usuario autenticado puede editar una categor\u00eda de un proyecto privado de otro usuario."
}
] ,
"metrics" : {
"cvssMetricV30" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.3 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "LOW" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 1.4
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "SINGLE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-200"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D9FFA667-B2E5-464E-9B11-3B98283AD2C4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9F126BD8-B6F8-43BF-96CF-B11F2E9CB9F3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3507C156-EB3B-470C-B895-F71845D2368E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6E0902C1-DECB-4183-B369-511E2768D995"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AA633272-8FA7-407C-9B3E-2D876B7271F0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B306B73B-15B3-4B8B-9095-3642F8B47924"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8FA40036-AC79-4367-BACB-B0B1451C5BD8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C86BF2C5-D92F-41B4-B381-6D21BAA2D913"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A62EF43A-C147-4C11-BD6E-82CF941AEBD4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "958B6A4D-C466-4361-AA0A-5EB3D111C4E6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C7C42F62-CD96-4727-9CD0-C3BD81418E53"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "970266EC-8452-4A06-81AC-05CF336D3C6F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1FE55D52-992D-4E67-BB6C-2E80299D22E0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.13:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DCE0BBFF-553F-4518-809B-BF136B7ABC71"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.14:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E2EFAF36-875E-41DB-BFB8-45846E29903E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.15:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1333058-CD6D-4F7D-8C07-D4352D2FA9DE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.16:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C3952635-F178-4AC0-8FE7-1034E0078AC7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.17:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7512FB30-BE2A-4CDA-8B77-44234223B578"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.18:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "971C5D44-1406-4446-BEFE-20EF9ECDFFF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.19:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0045683B-30D9-4A04-A3A4-4DB903245380"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.20:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BF439AC-B790-45D7-9C25-1C9195924ADD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.21:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A4FDBF54-282B-49A1-8095-811A5B998EEF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.22:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F650F14A-6A3E-4FD2-BCA1-6AF29278B827"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.23:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "91C4B000-72B1-4E5F-814E-FBE2CEC602A6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.24:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9249BDDA-4E2D-421D-8285-926FC400AC58"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.25:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3B8946D-2BF0-47FD-BEA0-0C2C74126142"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.26:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A0315865-561D-4EA2-B361-FDB6D03FF5B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.27:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E0FC480-9E2A-4A76-92FF-60E6239CE89F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.28:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3BA990B5-D038-4E5E-8FAF-035460BD4146"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.29:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "070A3295-AFD7-473F-A9DA-ACF84C33274E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.30:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3B0B924E-76CE-412D-A47A-417B7C5E3454"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.31:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E7B48D3D-556D-4942-99E6-E6135400B2A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.31:beta0:*:*:*:*:*:*" ,
"matchCriteriaId" : "08E6DE90-A247-4B72-A05C-61C9496E0D9E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.31:beta1:*:*:*:*:*:*" ,
"matchCriteriaId" : "15D496D1-DF37-4B06-BAE5-485D5141E1A3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.32:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC6332E7-A86D-4B09-93B3-815797E92A2F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.32:beta0:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC8AE758-147C-4786-89CE-D2876C23BA5A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.32:beta1:*:*:*:*:*:*" ,
"matchCriteriaId" : "4781CBDB-35CA-43BC-B031-34DB66B16D13"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.33:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "16F193B8-C859-47A5-9D1C-510925E9478C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.34:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CF622DE0-35C4-4F04-B74A-4127A885395F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.35:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "98B3CDED-1284-45F7-93E2-F3CBFD2BB79C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.36:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2A4CD995-FEF9-47DE-A5AB-671471773DC0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.37:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "60825078-59BC-45AD-B644-B23973233B33"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.38:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4695EEFA-1098-4741-A4C5-39D613880091"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.39:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49DD1826-5FC0-4773-AFFB-EAE3CFA4AC46"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.40:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5033EDD4-9217-467E-91E9-8805B3667E1D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.41:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C04963CA-D17A-4847-B022-187D33134A74"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.42:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "868722FE-E626-427A-8B24-58A8214824A9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.43:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FB2AF76B-C4CA-40D1-829C-E80560E14FDE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.44:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "82D7AE61-C248-4E95-8878-903A188B41C6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.45:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "467A191D-9A57-4B53-AD41-30CF317AA102"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:kanboard:kanboard:1.0.46:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "41590AFF-2DB4-4D37-8CF8-84FCF85BB75B"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://openwall.com/lists/oss-security/2017/10/04/9" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Mailing List" ,
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://kanboard.net/news/version-1.0.47" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Release Notes" ,
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "http://openwall.com/lists/oss-security/2017/10/04/9" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Mailing List" ,
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://kanboard.net/news/version-1.0.47" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Release Notes" ,
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
