CVE-2008-4688 - Vulnerability Details - OpenCVE

core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mantis	Mantis

Configuration 1 [-]

OR	cpe:2.3:a:mantis:mantis::::::::
	cpe:2.3:a:mantis:mantis:0.19.3:::::::*
	cpe:2.3:a:mantis:mantis:0.19.4:::::::*
	cpe:2.3:a:mantis:mantis:1.0.1:::::::*
	cpe:2.3:a:mantis:mantis:1.0.2:::::::*
	cpe:2.3:a:mantis:mantis:1.0.3:::::::*
	cpe:2.3:a:mantis:mantis:1.0.4:::::::*
	cpe:2.3:a:mantis:mantis:1.0.5:::::::*
	cpe:2.3:a:mantis:mantis:1.0.6:::::::*
	cpe:2.3:a:mantis:mantis:1.0.7:::::::*
	cpe:2.3:a:mantis:mantis:1.0.8:::::::*
	cpe:2.3:a:mantis:mantis:1.1.1:::::::*
	cpe:2.3:a:mantis:mantis:1.1.2:::::::*

No data.

References

Link	Providers
http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384
http://secunia.com/advisories/32243
http://secunia.com/advisories/32975
http://www.gentoo.org/security/en/glsa/glsa-200812-07.xml
http://www.mantisbt.org/bugs/changelog_page.php
http://www.mantisbt.org/bugs/view.php?id=9321
http://www.openwall.com/lists/oss-security/2008/10/20/1
http://www.securityfocus.com/bid/31868

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-10-22T17:00:00

Updated: 2024-08-07T10:24:20.612Z

Reserved: 2008-10-22T00:00:00

Link: CVE-2008-4688

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-10-22T18:00:01.237

Modified: 2024-11-21T00:52:17.620

Link: CVE-2008-4688

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-14T00:00:00", "descriptions": [{"lang": "en", "value": "core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-01-28T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "32243", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32243"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384"}, {"name": "31868", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31868"}, {"name": "32975", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32975"}, {"name": "GLSA-200812-07", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200812-07.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mantisbt.org/bugs/changelog_page.php"}, {"name": "[oss-security] 20081020 Re: CVE request: mantisbt < 1.1.4: RCE", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/10/20/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mantisbt.org/bugs/view.php?id=9321"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4688", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "32243", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32243"}, {"name": "http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384", "refsource": "CONFIRM", "url": "http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384"}, {"name": "31868", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31868"}, {"name": "32975", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32975"}, {"name": "GLSA-200812-07", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200812-07.xml"}, {"name": "http://www.mantisbt.org/bugs/changelog_page.php", "refsource": "CONFIRM", "url": "http://www.mantisbt.org/bugs/changelog_page.php"}, {"name": "[oss-security] 20081020 Re: CVE request: mantisbt < 1.1.4: RCE", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/10/20/1"}, {"name": "http://www.mantisbt.org/bugs/view.php?id=9321", "refsource": "CONFIRM", "url": "http://www.mantisbt.org/bugs/view.php?id=9321"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:24:20.612Z"}, "title": "CVE Program Container", "references": [{"name": "32243", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32243"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384"}, {"name": "31868", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31868"}, {"name": "32975", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32975"}, {"name": "GLSA-200812-07", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200812-07.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mantisbt.org/bugs/changelog_page.php"}, {"name": "[oss-security] 20081020 Re: CVE request: mantisbt < 1.1.4: RCE", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2008/10/20/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mantisbt.org/bugs/view.php?id=9321"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4688", "datePublished": "2008-10-22T17:00:00", "dateReserved": "2008-10-22T00:00:00", "dateUpdated": "2024-08-07T10:24:20.612Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mantis:mantis:*:*:*:*:*:*:*:*", "matchCriteriaId": "132BAF7E-8047-417F-8C78-1C1FBDAF97A0", "versionEndIncluding": "1.1.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:0.19.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D8E7458-6655-4C86-85A9-81004FF38321", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*", "matchCriteriaId": "AE92E018-C25C-468D-9EF5-5665F0B42EA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DA5AE0B4-15AB-49E7-9B97-96BA322B0966", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "48069606-59B6-4D20-B909-997CA7EDBD2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E42CD1CB-49E7-484B-9629-78A24B754346", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F95B327F-94A8-4D4F-A330-1B9BF4B764FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "215420D5-4690-45BE-AE84-CF1522523299", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "5621726F-CA50-4336-9BCE-55F39BE5CDCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1B0ECF83-F61A-4745-AA0D-4822A38F24DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "91621575-AF90-4C01-AA87-A99C304227D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BAEE63A1-106C-4E50-8B6F-D134C69FD194", "vulnerable": true}, {"criteria": "cpe:2.3:a:mantis:mantis:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7729C7E-ECC1-48D0-BFF7-82A8D96DC0AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number."}, {"lang": "es", "value": "core/string_api.php en Mantis anterior a 1.1.3 no valida los privilegios del visor antes de crear un enlace con los datos de la incidencia en el identificador de origen, lo que permite a atacantes remotos conocer el t\u00edtulo y estado de la incidencia a trav\u00e9s de una petici\u00f3n con un n\u00famero de incidencia modificado."}], "id": "CVE-2008-4688", "lastModified": "2024-11-21T00:52:17.620", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-22T18:00:01.237", "references": [{"source": "cve@mitre.org", "url": "http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32243"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32975"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200812-07.xml"}, {"source": "cve@mitre.org", "url": "http://www.mantisbt.org/bugs/changelog_page.php"}, {"source": "cve@mitre.org", "url": "http://www.mantisbt.org/bugs/view.php?id=9321"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/10/20/1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/31868"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://mantisbt.svn.sourceforge.net/viewvc/mantisbt/branches/BRANCH_1_1_0/mantisbt/core/string_api.php?r1=5285&r2=5384&pathrev=5384"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32243"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32975"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200812-07.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mantisbt.org/bugs/changelog_page.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mantisbt.org/bugs/view.php?id=9321"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2008/10/20/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/31868"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}