CVE-2021-43828

Public Exploit

Improper Privilege Management in Patrowl

Description

PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.77 an improper privilege management (IDOR) has been found in PatrowlManager. All imports findings file is placed under /media/imports/<owner_id>/<tmp_file> In that, owner_id is predictable and tmp_file is in format of import_<ownder_id>_<time_created>, for example: import_1_1639213059582.json This filename is predictable and allows anyone without logging in to download all finding import files This vulnerability is capable of allowing unlogged in users to download all finding imports file. Users are advised to update to 1.7.7 as soon as possible. There are no known workarounds.

References

Link	Tags
https://github.com/Patrowl/PatrowlManager/security/advisories/GHSA-x4wp-xvq7-w5vr	third party advisory
https://huntr.dev/bounties/fe6248f1-603d-43df-816c-c75534a56f72	exploit third party advisory patch

Frequently Asked Questions

What is the severity of CVE-2021-43828?: CVE-2021-43828 has been scored as a high severity vulnerability.
How to fix CVE-2021-43828?: To fix CVE-2021-43828, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-43828 being actively exploited in the wild?: It is possible that CVE-2021-43828 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-43828?: CVE-2021-43828 affects Patrowl PatrowlManager.

Description

Categories

CWE-269 – Improper Privilege Management

CWE-639 – Authorization Bypass Through User-Controlled Key

References

Frequently Asked Questions