CRITICAL🇵🇱 Wersja polska

CVE-2023-38052

CVSS 9.9v3.1pub. 2024-07-09upd. 2024-11-21

A BOLA vulnerability in GET, PUT, DELETE /admins/{adminId} allows a low privileged user to fetch, modify or delete a high privileged user (admin). This results in unauthorized access and unauthorized data manipulation.

🤖 AI Analysis
How it works

The vulnerability affects API endpoints GET, PUT, and DELETE under the path /admins/{adminId}. An authenticated user with low privileges can send HTTP requests to these endpoints by specifying an administrator account identifier (adminId). The application does not properly verify whether the requesting user has access rights to the specified resource, which is a classic case of CWE-639 (Authorization Bypass Through User-Controlled Key).

Impact

An attacker with basic system access can read administrator account data, modify their settings, or completely delete accounts, leading to unauthorized access and data manipulation of highly privileged users.

Mitigation & patch

Apply patches available from the vendor according to the references. Temporarily, it is recommended to restrict API access exclusively to trusted networks and monitor requests directed to the /admins/{adminId} endpoints.

Who is affected

Easy!Appointments application (alextselegidis/easyappointments) — versions indicated in the vendor's references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Easyappointments

    APP
    Easyappointments
    < 1.5.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-57602CRITICAL9.8PL ✓ten sam produkt

EasyAppointments v.1.5.0 — privilege escalation przez index.php

CVE-2023-38050CRITICAL9.1PL ✓ten sam produkt

BOLA w EasyAppointments — nieautoryzowany dostęp do webhooków innych użytkowników

CVE-2023-38048CRITICAL9.9PL ✓ten sam produkt

BOLA w Easy!Appointments — nieautoryzowany dostęp do kont dostawców

CVE-2023-3287CRITICAL9.9PL ✓ten sam produkt

BOLA w Easy!Appointments — privilege escalation do administratora

CVE-2023-38049CRITICAL9.9PL ✓ten sam produkt

BOLA w EasyAppointments — nieuprawniony dostęp do wizyt innych użytkowników