CVE-2020-15248 – october/backend
Package
Manager: composer
Name: october/backend
Vulnerable Version: >=1.0.319 <1.0.470
Severity
Level: Low
CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
EPSS: 0.00049 (percentile 0.1469)
Details
Privilege escalation by backend users assigned to the default "Publisher" system role

### Impact
Backend users with the default "Publisher" system role have access to create and manage users, and in that user editor they can choose which role the new user has. A user with "Publisher" access can therefore create (or reassign) an account with the "Developer" role and use it to escalate their own access to "Developer" level. The flaw is an authorization check that gates only "may manage users" and not "may assign this particular role" (CWE-269 / CWE-863).

### Patches
Issue has been patched in Build 470 (v1.0.470) and v1.1.1. Note that the Vulnerable Version range above lists only the 1.0.x line; since the patch note names v1.1.1 as the fix for the 1.1 line, 1.1.0 installations should also be upgraded.

### Workarounds
Apply https://github.com/octobercms/october/commit/78a37298a4ed4602b383522344a31e311402d829 to your installation manually if unable to upgrade to Build 470 or v1.1.1.

### References
Reported by [Hoan Hoang](https://github.com/hoanhp)

### For more information
If you have any questions or comments about this advisory:
* Email us at [hello@octobercms.com](mailto:hello@octobercms.com)

### Threat assessment
Screenshot ("Screen Shot 2020-10-10 at 1 37 25 PM"), not reproduced here: https://user-images.githubusercontent.com/7253840/95663611-e6326c80-0afd-11eb-8a1e-8b767a7202fb.png
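The following is an added example, not OctoberCMS code and not the linked patch: a language-agnostic model of the bug class the Impact section describes, written in Python so it runs offline. Role names, permission strings such as `backend.manage_users`, and the `User`/`PermissionDenied` types are all constructed for the illustration. The vulnerable function checks only that the actor may manage users and takes the requested role straight from the form; the hardened version additionally refuses to hand out any role whose permissions are not a subset of the actor's own, and applies the same rule when editing an existing account (including the actor's own), which goes slightly beyond the advisory's "create a user" case.

```python
"""Constructed model of the role-assignment escalation described in the
advisory.  Not OctoberCMS code; roles and permission names are hypothetical."""
from dataclasses import dataclass


# Hypothetical default roles.  "backend.manage_users" stands in for whatever
# permission lets a Publisher open the backend user editor.
ROLE_PERMISSIONS = {
    "publisher": {"cms.manage_content", "backend.manage_users"},
    "developer": {"cms.manage_content", "backend.manage_users",
                  "cms.manage_themes", "system.manage_plugins"},
}


class PermissionDenied(Exception):
    """Raised when an actor attempts something its role does not allow."""


@dataclass
class User:
    login: str
    role: str
    is_superuser: bool = False

    @property
    def permissions(self) -> set:
        return set(ROLE_PERMISSIONS[self.role])


def _require_user_management(actor: User) -> None:
    if not (actor.is_superuser or "backend.manage_users" in actor.permissions):
        raise PermissionDenied(f"{actor.login} cannot manage users")


def create_user_vulnerable(actor: User, login: str, role: str) -> User:
    """Pre-fix behaviour: the only check is 'may the actor manage users'.
    The role comes straight from the submitted form, so a Publisher can
    mint a Developer account and log in as it."""
    _require_user_management(actor)
    return User(login, role)


def can_assign_role(actor: User, role: str) -> bool:
    """Hardened rule (an assumption, not the upstream patch): superusers may
    assign any role; everyone else may only assign roles whose permission
    set is a subset of their own, so nobody can grant more than they hold."""
    if actor.is_superuser:
        return True
    return ROLE_PERMISSIONS[role] <= actor.permissions


def create_user_fixed(actor: User, login: str, role: str) -> User:
    """Post-fix behaviour: both the 'manage users' gate and the per-role gate."""
    _require_user_management(actor)
    if not can_assign_role(actor, role):
        raise PermissionDenied(f"{actor.login} may not assign role {role!r}")
    return User(login, role)


def change_role_fixed(actor: User, target: User, new_role: str) -> User:
    """The same rule must cover editing an existing account, the actor's own
    included; otherwise the user editor remains an escalation path."""
    _require_user_management(actor)
    if not can_assign_role(actor, new_role):
        raise PermissionDenied(f"{actor.login} may not assign role {new_role!r}")
    target.role = new_role
    return target


if __name__ == "__main__":
    publisher = User("pub", "publisher")
    print("vulnerable:", create_user_vulnerable(publisher, "evil", "developer").role)
    try:
        create_user_fixed(publisher, "evil", "developer")
    except PermissionDenied as exc:
        print("fixed:", exc)
```

The subset rule is one reasonable policy; a project may instead keep an explicit role hierarchy or restrict role assignment to superusers only. Whatever the policy, the check has to sit on the server side of the user create and update handlers, not only in which options the form renders.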
Metadata
Created: 2020-11-23T19:47:27Z
Modified: 2021-11-19T13:40:25Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/11/GHSA-rfjc-xrmf-5vvw/GHSA-rfjc-xrmf-5vvw.json
CWE IDs: ["CWE-269", "CWE-863"]
Alternative ID: GHSA-rfjc-xrmf-5vvw
Finding: F159
Auto approve: 1