CVE-2024-27915

EUVD-2024-0952

06.03.2024, 20:15

Sulu is a PHP content management system. Starting in verson 2.2.0 and prior to version 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces which have a security system configured and permission check enabled. Webspaces without do not have this issue. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available. One may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually or avoid installing `symfony/security-http` versions greater equal than `v5.4.30` or `v6.3.6`.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 MEDIUM	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Affected Products (NVD)

Vendor	Product	Version
sulu	sulu	2.2.0 ≤ 𝑥 < 2.4.17
sulu	sulu	2.5.0 ≤ 𝑥 < 2.5.13

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
sulu	sulu	2.2.0 ≤ 𝑥 < 2.4.17	ADP
sulu	sulu	2.5.0-alpha1 ≤ 𝑥 < 2.5.13	ADP

Common Weakness Enumeration

CWE-863 - Incorrect Authorization
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References

https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da

https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p

https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da

https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p