Adversaries Can Compromise User Accounts and Read Sensitive Information
CVE-2024-34082

9.9CRITICAL

Key Information:

Vendor: Getgrav
Status: Grav
Vendor: CVE Published:; 15 May 2024

What is CVE-2024-34082?

Grav, a file-based Web platform, exhibits a security vulnerability that allows low-privilege users with page editing capabilities to read sensitive server files using Twig syntax. This includes files containing hashed user passwords, two-factor authentication secrets, and password reset tokens, particularly located in the /grav/user/accounts/*.yaml directory. Exploiting this vulnerability can enable adversaries to compromise registered user accounts, including those of administrators, either by cracking the hashed passwords or by utilizing the exposed password reset tokens. An attacker could perform a full account takeover, resulting in significant data breaches and unauthorized access. Users are advised to upgrade to version 1.7.46 or later to mitigate these risks.

Affected Version(s)

grav < 1.7.46

References

https://github.com/getgrav/grav/security/advisories/GHSA-...

x_refsource_CONFIRM

https://github.com/getgrav/grav/commit/b6bba9eb99bf8cb55b...

x_refsource_MISC

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
May 15, 2024
Vulnerability Reserved
Apr 30, 2024

JSON

Getgrav

What is CVE-2024-34082?

Affected Version(s)

References

CVSS V3.1

Timeline