Access Control Flaw in MantisBT Allows Cloning of Private Issues
CVE-2020-29604
CVSS score: 6.5 (MEDIUM)
What is CVE-2020-29604?
A vulnerability exists in MantisBT versions before 2.24.4 due to a missing access control check in the bug_actiongroup.php file. This issue permits any user with permission to create new issues to abuse the COPY group action. Because the handler never verifies that the caller may view the source issues, an attacker can duplicate any private issue, including all of its bugnotes and attachments, merely by supplying its ID in the bug_arr[] parameter. The copy lands in a project the attacker can read, exposing sensitive information and giving unauthorized access to confidential data stored in private projects or issues.
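To make the root cause concrete, here is an added Python model of a batch COPY action (illustrative code, not MantisBT's own). It assumes constructed sample data: a private issue in project "secret" and a user "mallory" who may only create issues in project "public". The flawed path checks only the right to create in the target project; the hardened path also authorises view access on every issue named in bug_arr[].

```python
from dataclasses import dataclass, field


@dataclass
class Issue:
    id: int
    project: str
    private: bool
    reporter: str
    notes: list = field(default_factory=list)
    attachments: list = field(default_factory=list)


# Constructed sample data (not real MantisBT state): issue 7 is private to
# project "secret"; "mallory" may create issues only in project "public".
ISSUES = {
    7: Issue(7, "secret", True, "alice",
             notes=["credential rotated, see attachment"],
             attachments=["prod-db-dump.sql"]),
}
CREATE_ACCESS = {"alice": {"public", "secret"}, "mallory": {"public"}}
PROJECT_MEMBERS = {"secret": {"alice"}, "public": {"alice", "mallory"}}


def can_view(user: str, issue: Issue) -> bool:
    """Private issues are visible only to project members and the reporter."""
    if not issue.private:
        return True
    return user in PROJECT_MEMBERS[issue.project] or issue.reporter == user


def copy_group_action(user: str, bug_arr: list, target_project: str,
                      check_source_view: bool) -> list:
    """Model of the COPY group action over the caller-supplied bug_arr[].

    check_source_view=False mirrors the flaw: only the right to create in the
    target project is verified, never the right to view each source issue.
    """
    if target_project not in CREATE_ACCESS.get(user, set()):
        raise PermissionError(f"{user} cannot create issues in {target_project}")
    copies = []
    for bug_id in bug_arr:
        src = ISSUES[bug_id]
        # Hardened path: authorise every source issue before cloning it.
        if check_source_view and not can_view(user, src):
            raise PermissionError(f"{user} may not view issue {bug_id}")
        # The clone carries the bugnotes and attachments into the new project.
        copies.append(Issue(id=max(ISSUES) + len(copies) + 1,
                            project=target_project, private=False,
                            reporter=user, notes=list(src.notes),
                            attachments=list(src.attachments)))
    return copies
```

The lesson generalises to any bulk action: authorisation must be evaluated per source object, not only for the destination the caller already controls.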