Fixing security issue CVE-2023-28473

Issue CVE-2023-28473: Concrete CMS (previously concrete5) before 9.2 is vulnerable to possible Auth bypass in the jobs section.

This has been flagged by a client on a v8 site.
It’s been addressed in v9, but is there a v8 fix somewhere we can apply?

Is this a real threat, or just one of those obscure security glitches that is not exploitable in the real world? I.e., in order to bypass permissions when running a job, a user needs to be a site admin or have CLI access anyway.

Not sure, but mentioned here:

And here:

That boils down to (scores /10):
CVSS Base Score: 2.2
Impact Subscore: 1.4
Exploitability Subscore: 0.7

My reading is that for most sites (protected host login, single host admin, no granting of job permissions beyond administrators) it can’t be exploited.

The 0.7/10 would be because it is conceivable that an administrator could run a job that internally does something a super-admin could do. Or that someone with host CLI access could run a job through the CLI without any site admin access.

I see, thanks for the detail on that.
So in our case it would definitely agree with what you are saying.