Insecure Access Control: Users with Site Admin Role Can Access System Maintenance Tools
CVE-2024-3164

4.5MEDIUM

Key Information:

Vendor: Dotcms
Status: Dotcms Core
Vendor: CVE Published:; 1 April 2024

What is CVE-2024-3164?

In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is and always has been an Admin portlet, is accessible to anyone with that portlet and not just to CMS Admins. Users that get site admin but not a system admin, should not have access to the System Maintenance → Tools portlet. This would share database username and password under Log Files and download DB Dump and other dotCMS Content under Tools. Nothing in the System → Maintenance should be displayed for users with site admin role. Only system admins must have access to System Maintenance.

OWASP Top 10 - A01) Broken Access Control

OWASP Top 10 - A04) Insecure Design

Affected Version(s)

dotCMS core 22.02 and after

References

https://www.dotcms.com/security/SI-69

https://github.com/dotCMS/core/pull/27912

https://github.com/dotCMS/core/issues/27909

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2024

JSON

Dotcms

What is CVE-2024-3164?

Affected Version(s)

References

CVSS V3.1

Timeline