CVE-2022-34112 The access control issue in Dataease v1.11.1 lets attackers uninstall the plugin.

This can be exploited by an attacker who controls a site for which the plugin is installed. In order to exploit this issue, the attacker must have the permission to uninstall the plugin. Additionally, the attacker must have access to the component /api/plugin. Uninstalling the plugin grants the attacker the right to uninstall the plugin on all sites where it is installed. This can be particularly dangerous on a corporate network, where a malicious employee can install the plugin and then access the network and company data as if they were an administrator. A possible mitigation for this issue would be to require administrators to be authenticated before they can uninstall the plugin. This can be done by checking the access rights of an administrator who wants to uninstall the plugin.

CVE-2022-34113

This can be exploited by an attacker who controls a site for which the plugin is installed. In order to exploit this issue, the attacker must have the permission to uninstall the plugin. Additionally, the attacker must have access to the component /api/plugin. Uninstalling the plugin grants the attacker the right to uninstall the plugin on all sites where it is installed. This can be particularly dangerous on a corporate network, where a malicious employee can install the plugin and then access the network and company data as if they were an administrator. A possible mitigation for this issue would be to require administrators to be authenticated before they can uninstall the plugin. This can be done by checking the access rights of an administrator who wants to uninstall the plugin.

Timeline

Published on: 07/22/2022 23:15:00 UTC
Last modified on: 07/31/2022 01:11:00 UTC

References