CVE-2024-3165 - Vulnerability Details - OpenCVE

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment. OWASP Top 10 - A05) Insecure Design OWASP Top 10 - A05) Security Misconfiguration OWASP Top 10 - A09) Security Logging and Monitoring Failure

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Dotcms	Dotcms

No data.

No data.

References

Link	Providers
https://github.com/dotCMS/core/issues/27910
https://github.com/dotCMS/core/pull/28006
https://www.dotcms.com/security/SI-70

History

Mon, 30 Sep 2024 16:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-522

Mon, 30 Sep 2024 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Dotcms Dotcms dotcms
CPEs		cpe:2.3:a:dotcms:dotcms::::::::
Vendors & Products		Dotcms Dotcms dotcms
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 30 Sep 2024 15:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-532

MITRE

Status: PUBLISHED

Assigner: dotCMS

Published: 2024-04-01T21:38:04.085Z

Updated: 2024-09-30T15:27:54.804Z

Reserved: 2024-04-01T21:31:06.377Z

Link: CVE-2024-3165

Vulnrichment

Updated: 2024-08-01T20:05:07.539Z

NVD

Status : Awaiting Analysis

Published: 2024-04-01T22:15:23.080

Modified: 2024-11-21T09:29:02.997

Link: CVE-2024-3165

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3165", "assignerOrgId": "5b9d93f2-25c7-46b4-ab60-d201718c9dd8", "state": "PUBLISHED", "assignerShortName": "dotCMS", "dateReserved": "2024-04-01T21:31:06.377Z", "datePublished": "2024-04-01T21:38:04.085Z", "dateUpdated": "2024-09-30T15:27:54.804Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "dotCMS core", "vendor": "dotCMS", "versions": [{"status": "affected", "version": "22.02 and after"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<b><p><span style=\"background-color: transparent;\">System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment.  </span></p><p><span style=\"background-color: transparent;\">OWASP Top 10 - A05) Insecure Design</span></p><p><span style=\"background-color: transparent;\">OWASP Top 10 - A05) Security Misconfiguration</span></p><p><span style=\"background-color: transparent;\">OWASP Top 10 - A09) Security Logging and Monitoring Failure</span></p></b><br><br>"}], "value": "System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment. \u00a0\n\nOWASP Top 10 - A05) Insecure Design\n\nOWASP Top 10 - A05) Security Misconfiguration\n\nOWASP Top 10 - A09) Security Logging and Monitoring Failure"}], "impacts": [{"capecId": "CAPEC-131", "descriptions": [{"lang": "en", "value": "CAPEC-131 Resource Leak Exposure"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5b9d93f2-25c7-46b4-ab60-d201718c9dd8", "shortName": "dotCMS", "dateUpdated": "2024-09-30T15:27:54.804Z"}, "references": [{"url": "https://www.dotcms.com/security/SI-70"}, {"url": "https://github.com/dotCMS/core/issues/27910"}, {"url": "https://github.com/dotCMS/core/pull/28006"}], "source": {"discovery": "UNKNOWN"}, "title": "Database Credential Exposure in the Logs", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:05:07.539Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.dotcms.com/security/SI-70", "tags": ["x_transferred"]}, {"url": "https://github.com/dotCMS/core/issues/27910", "tags": ["x_transferred"]}, {"url": "https://github.com/dotCMS/core/pull/28006", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "dotcms", "product": "dotcms", "cpes": ["cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "22.02", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-02T15:07:00.832616Z", "id": "CVE-2024-3165", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T15:35:24.144Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.dotcms.com/security/SI-70", "tags": ["x_transferred"]}, {"url": "https://github.com/dotCMS/core/issues/27910", "tags": ["x_transferred"]}, {"url": "https://github.com/dotCMS/core/pull/28006", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:05:07.539Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3165", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-02T15:07:00.832616Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*"], "vendor": "dotcms", "product": "dotcms", "versions": [{"status": "affected", "version": "22.02", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T15:35:19.503Z"}}], "cna": {"title": "Database Credential Exposure in the Logs", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-131", "descriptions": [{"lang": "en", "value": "CAPEC-131 Resource Leak Exposure"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "dotCMS", "product": "dotCMS core", "versions": [{"status": "affected", "version": "22.02 and after"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.dotcms.com/security/SI-70"}, {"url": "https://github.com/dotCMS/core/issues/27910"}, {"url": "https://github.com/dotCMS/core/pull/28006"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment. \u00a0\n\nOWASP Top 10 - A05) Insecure Design\n\nOWASP Top 10 - A05) Security Misconfiguration\n\nOWASP Top 10 - A09) Security Logging and Monitoring Failure", "supportingMedia": [{"type": "text/html", "value": "<b><p><span style=\"background-color: transparent;\">System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment.  </span></p><p><span style=\"background-color: transparent;\">OWASP Top 10 - A05) Insecure Design</span></p><p><span style=\"background-color: transparent;\">OWASP Top 10 - A05) Security Misconfiguration</span></p><p><span style=\"background-color: transparent;\">OWASP Top 10 - A09) Security Logging and Monitoring Failure</span></p></b><br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "5b9d93f2-25c7-46b4-ab60-d201718c9dd8", "shortName": "dotCMS", "dateUpdated": "2024-09-30T15:27:54.804Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3165", "state": "PUBLISHED", "dateUpdated": "2024-09-30T15:27:54.804Z", "dateReserved": "2024-04-01T21:31:06.377Z", "assignerOrgId": "5b9d93f2-25c7-46b4-ab60-d201718c9dd8", "datePublished": "2024-04-01T21:38:04.085Z", "assignerShortName": "dotCMS"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment. \u00a0\n\nOWASP Top 10 - A05) Insecure Design\n\nOWASP Top 10 - A05) Security Misconfiguration\n\nOWASP Top 10 - A09) Security Logging and Monitoring Failure"}, {"lang": "es", "value": "System->Maintenance-> Log Files en el panel de dotCMS proporciona el nombre de usuario/contrase\u00f1a para las conexiones de la base de datos en la salida del registro. Sin embargo, este es un problema moderado, ya que requiere un administrador de backend y que las bases de datos est\u00e9n bloqueadas por el entorno. OWASP Top 10 - A05) Dise\u00f1o inseguro OWASP Top 10 - A05) Configuraci\u00f3n incorrecta de seguridad OWASP Top 10 - A09) Fallo de registro y monitoreo de seguridad"}], "id": "CVE-2024-3165", "lastModified": "2024-11-21T09:29:02.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "security@dotcms.com", "type": "Secondary"}]}, "published": "2024-04-01T22:15:23.080", "references": [{"source": "security@dotcms.com", "url": "https://github.com/dotCMS/core/issues/27910"}, {"source": "security@dotcms.com", "url": "https://github.com/dotCMS/core/pull/28006"}, {"source": "security@dotcms.com", "url": "https://www.dotcms.com/security/SI-70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/dotCMS/core/issues/27910"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/dotCMS/core/pull/28006"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.dotcms.com/security/SI-70"}], "sourceIdentifier": "security@dotcms.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "security@dotcms.com", "type": "Secondary"}]}