CVE-2023-33968 - Vulnerability Details - OpenCVE

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not been invited or the project is personal. The vulnerable features are `Duplicate to project` and `Move to project`, which both utilize the `checkDestinationProjectValues()` function to check his values. This issue has been addressed in version 1.2.30. Users are advised to upgrade. There are no known workarounds for this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Kanboard	Kanboard

Configuration 1 [-]

cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053
https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr

History

Wed, 08 Jan 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-06-05T19:49:17.550Z

Updated: 2025-01-08T16:02:26.334Z

Reserved: 2023-05-24T13:46:35.953Z

Link: CVE-2023-33968

Vulnrichment

Updated: 2024-08-02T15:54:14.206Z

NVD

Status : Modified

Published: 2023-06-05T20:15:09.750

Modified: 2024-11-21T08:06:18.903

Link: CVE-2023-33968

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-33968", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-05-24T13:46:35.953Z", "datePublished": "2023-06-05T19:49:17.550Z", "dateUpdated": "2025-01-08T16:02:26.334Z"}, "containers": {"cna": {"title": "Missing Access Control allows User to move and duplicate tasks in Kanboard", "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "lang": "en", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr"}, {"name": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053", "tags": ["x_refsource_MISC"], "url": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053"}], "affected": [{"vendor": "kanboard", "product": "kanboard", "versions": [{"version": "< 1.2.30", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-06-05T19:49:17.550Z"}, "descriptions": [{"lang": "en", "value": "Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not been invited or the project is personal. The vulnerable features are `Duplicate to project` and `Move to project`, which both utilize the `checkDestinationProjectValues()` function to check his values. This issue has been addressed in version 1.2.30. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-gf8r-4p6m-v8vr", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:54:14.206Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr"}, {"name": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-08T16:02:17.986864Z", "id": "CVE-2023-33968", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-08T16:02:26.334Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr", "name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053", "name": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:54:14.206Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-33968", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-08T16:02:17.986864Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-08T16:02:22.581Z"}}], "cna": {"title": "Missing Access Control allows User to move and duplicate tasks in Kanboard", "source": {"advisory": "GHSA-gf8r-4p6m-v8vr", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "kanboard", "product": "kanboard", "versions": [{"status": "affected", "version": "< 1.2.30"}]}], "references": [{"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr", "name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053", "name": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not been invited or the project is personal. The vulnerable features are `Duplicate to project` and `Move to project`, which both utilize the `checkDestinationProjectValues()` function to check his values. This issue has been addressed in version 1.2.30. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-06-05T19:49:17.550Z"}}}, "cveMetadata": {"cveId": "CVE-2023-33968", "state": "PUBLISHED", "dateUpdated": "2025-01-08T16:02:26.334Z", "dateReserved": "2023-05-24T13:46:35.953Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-06-05T19:49:17.550Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*", "matchCriteriaId": "082DAE98-80F0-4423-8581-AB8D0051EAA1", "versionEndExcluding": "1.2.30", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not been invited or the project is personal. The vulnerable features are `Duplicate to project` and `Move to project`, which both utilize the `checkDestinationProjectValues()` function to check his values. This issue has been addressed in version 1.2.30. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "id": "CVE-2023-33968", "lastModified": "2024-11-21T08:06:18.903", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-05T20:15:09.750", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/kanboard/kanboard/commit/c20be8f5fa26e54005a90c645e80b11481a65053"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gf8r-4p6m-v8vr"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security-advisories@github.com", "type": "Secondary"}]}