CVE-2021-33031

Description

In LabCup before <v2_next_18022, the save API can be used by an authenticated user who lacks the user-management privilege to perform actions reserved for that privilege and, after successful exploitation, take over a victim's account. Such a user can change another user's email address, provided the attacker knows details of the victim's record: the exact roles and group roles, the user ID, and the remote authentication ID settings. These values must be supplied in a modified save API request. The issue was fixed in 6.3.0.03.
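The bug class the description implies is a record-level save endpoint that authenticates the caller but never checks whether the caller is authorized to write the fields it receives. The following is an added example, not LabCup's code: a hypothetical Python model of such a save handler beside a hardened version. The field names, the `PROTECTED_FIELDS` set, the "identity fields must match the stored record" rule (modelled to reflect why the attacker needs the victim's exact roles, group roles and remote authentication ID), and the sample users are all assumptions constructed for illustration.

```python
"""Hypothetical model of a 'save user' API vulnerable to unauthorized
record overwrite, beside a fixed version.  Added example, not LabCup code;
field names, the matching rule and the sample data are assumptions."""
from dataclasses import dataclass, field


@dataclass
class User:
    id: int
    email: str
    roles: list
    group_roles: list
    remote_auth_id: str
    privileges: set = field(default_factory=set)


# Fields whose change must be reserved for callers holding user-management.
PROTECTED_FIELDS = {"email", "roles", "group_roles", "remote_auth_id", "privileges"}


def make_users():
    """Constructed sample data: a low-privilege attacker (id 1) and a victim (id 2)."""
    return {
        1: User(1, "attacker@example.com", ["member"], ["lab-a:member"], "ra-1"),
        2: User(2, "victim@example.com", ["member"], ["lab-a:member"], "ra-2"),
    }


def _target_matches(target, payload):
    """Assumed consistency rule: the submitted identity fields must equal the
    stored ones.  This is the only guard in the vulnerable path, which is why
    the attacker has to know the victim's roles, group roles and remote auth ID."""
    return all(getattr(target, k) == payload[k]
               for k in ("roles", "group_roles", "remote_auth_id"))


def save_user_vulnerable(users, actor_id, payload):
    """Authenticated but not authorized: any logged-in user may overwrite any record."""
    target = users[payload["id"]]
    if not _target_matches(target, payload):
        raise ValueError("record mismatch")
    for key, value in payload.items():
        if key != "id":
            setattr(target, key, value)   # the victim's email is silently replaced
    return target


def save_user_fixed(users, actor_id, payload):
    """Authorization is decided from the caller's stored privileges, not the payload."""
    actor = users[actor_id]
    target = users[payload["id"]]
    if not _target_matches(target, payload):
        raise ValueError("record mismatch")
    changed = {k for k, v in payload.items()
               if k != "id" and getattr(target, k, None) != v}
    if "user_management" not in actor.privileges:
        # Without the privilege a caller may only touch its own record and may
        # never alter protected fields such as the email address.
        if actor_id != target.id or changed & PROTECTED_FIELDS:
            raise PermissionError("user management privilege required")
    for key in changed:
        setattr(target, key, payload[key])
    return target


def takeover_payload(victim, new_email="attacker@example.com"):
    """What the attacker submits: the victim's record with only the email swapped."""
    return {"id": victim.id, "email": new_email, "roles": list(victim.roles),
            "group_roles": list(victim.group_roles),
            "remote_auth_id": victim.remote_auth_id}


def attempt(save_fn, users, actor_id, payload):
    """Run a save and report the outcome as a string instead of raising."""
    try:
        save_fn(users, actor_id, payload)
        return "saved"
    except (PermissionError, ValueError) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    users = make_users()
    print(attempt(save_user_vulnerable, users, 1, takeover_payload(users[2])),
          users[2].email)   # saved attacker@example.com
    users = make_users()
    print(attempt(save_user_fixed, users, 1, takeover_payload(users[2])),
          users[2].email)   # PermissionError victim@example.com
```

The hardened version decides authorization from the actor's stored privileges and rejects any change to `PROTECTED_FIELDS` by a caller without user-management, even when every identity field in the payload is correct; matching the stored record is a consistency check, not an authorization check, and must not be relied on as one.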

Related CPEs

CvssV3 impact

Version: 3.1
VectorString: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
BaseScore: 3.1
BaseSeverity: LOW
AttackVector: NETWORK
AttackComplexity: HIGH
PrivilegesRequired: LOW
UserInteraction: NONE
Scope: UNCHANGED
ConfidentialityImpact: NONE
IntegrityImpact: LOW
AvailabilityImpact: NONE

CvssV2 impact

Version: 2.0
VectorString: AV:N/AC:M/Au:S/C:N/I:P/A:N
BaseScore: 3.5
AccessVector: NETWORK
AccessComplexity: MEDIUM
Authentication: SINGLE
ConfidentialityImpact: NONE
IntegrityImpact: PARTIAL
AvailabilityImpact: NONE