CVE-2024-7394

Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v4.0 rank of 4.6 with vector https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N. Thanks, m3dium for reporting. (CNA updated this risk rank on 20 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC)

CVSS v3 4.8 MEDIUM

4.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.7 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes?pk_vid=e367a434ef4830491723055753d52041	Release Notes Vendor Advisory
https://documentation.concretecms.org/developers/introduction/version-history/8518-release-notes?pk_vid=e367a434ef4830491723055758d52041	Release Notes Vendor Advisory
https://github.com/concretecms/concretecms/commit/c08d9671cec4e7afdabb547339c4bc0bed8eab06	Patch
https://github.com/concretecms/concretecms/pull/12166	Issue Tracking Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:concretecms:concrete_cms::::::::
	cpe:2.3:a:concretecms:concrete_cms::::::::

History

21 Jan 2025, 00:15

Type	Values Removed	Values Added
Summary	(en) Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v3.1 rank of 2 with vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator and a CVSS v4.0 rank of 1.8 with vector CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N . Thanks, m3dium for reporting.	(en) Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v4.0 rank of 4.6 with vector https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N. Thanks, m3dium for reporting. (CNA updated this risk rank on 20 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC)

29 Aug 2024, 13:41

Type	Values Removed	Values Added
CWE		CWE-79
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.8
References	~~() https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes?pk_vid=e367a434ef4830491723055753d52041 -~~	() https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes?pk_vid=e367a434ef4830491723055753d52041 - Release Notes, Vendor Advisory
References	~~() https://documentation.concretecms.org/developers/introduction/version-history/8518-release-notes?pk_vid=e367a434ef4830491723055758d52041 -~~	() https://documentation.concretecms.org/developers/introduction/version-history/8518-release-notes?pk_vid=e367a434ef4830491723055758d52041 - Release Notes, Vendor Advisory
References	~~() https://github.com/concretecms/concretecms/commit/c08d9671cec4e7afdabb547339c4bc0bed8eab06 -~~	() https://github.com/concretecms/concretecms/commit/c08d9671cec4e7afdabb547339c4bc0bed8eab06 - Patch
References	~~() https://github.com/concretecms/concretecms/pull/12166 -~~	() https://github.com/concretecms/concretecms/pull/12166 - Issue Tracking, Patch
CPE		cpe:2.3:a:concretecms:concrete_cms::::::::
Summary		(es) Las versiones 9 a 9.3.2 y anteriores a 8.5.18 de Concrete CMS son vulnerables a XSS Almacenado en getAttributeSetName(). Un administrador deshonesto podría inyectar código malicioso. El equipo de Concrete CMS le dio a esto un rango CVSS v3.1 de 2 con vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N https:/ /nvd.nist.gov/vuln-metrics/cvss/v3-calculator y un rango CVSS v4.0 de 1,8 con vector CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A /VC:L/VI:L/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC: H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N . Gracias, m3dium por informar.
First Time		Concretecms concrete Cms Concretecms

08 Aug 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-08 17:15

Updated : 2025-01-21 00:15

NVD link : CVE-2024-7394

Mitre link : CVE-2024-7394

CVE.ORG link : CVE-2024-7394

JSON object : View

Products Affected

concretecms

concrete_cms

CWE

CWE-20

Improper Input Validation

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2024-7394", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.7}], "cvssMetricV40": [{"type": "Secondary", "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 4.6, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "LOW", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-08-08T17:15:20.023", "references": [{"url": "https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes?pk_vid=e367a434ef4830491723055753d52041", "tags": ["Release Notes", "Vendor Advisory"], "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"}, {"url": "https://documentation.concretecms.org/developers/introduction/version-history/8518-release-notes?pk_vid=e367a434ef4830491723055758d52041", "tags": ["Release Notes", "Vendor Advisory"], "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"}, {"url": "https://github.com/concretecms/concretecms/commit/c08d9671cec4e7afdabb547339c4bc0bed8eab06", "tags": ["Patch"], "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"}, {"url": "https://github.com/concretecms/concretecms/pull/12166", "tags": ["Issue Tracking", "Patch"], "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ff5b8ace-8b95-4078-9743-eac1ca5451de", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v4.0 rank of 4.6 with vector https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N. Thanks, m3dium for reporting. (CNA updated this risk rank on 20 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC)"}, {"lang": "es", "value": "Las versiones 9 a 9.3.2 y anteriores a 8.5.18 de Concrete CMS son vulnerables a XSS Almacenado en getAttributeSetName(). Un administrador deshonesto podr\u00eda inyectar c\u00f3digo malicioso. El equipo de Concrete CMS le dio a esto un rango CVSS v3.1 de 2 con vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N https:/ /nvd.nist.gov/vuln-metrics/cvss/v3-calculator y un rango CVSS v4.0 de 1,8 con vector CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A /VC:L/VI:L/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC: H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N . Gracias, m3dium por informar."}], "lastModified": "2025-01-21T00:15:25.357", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4066C924-46C2-48F4-AA67-2664B6AC24FE", "versionEndExcluding": "8.5.18"}, {"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22477475-FE69-4804-B73E-B3F268F16FE7", "versionEndExcluding": "9.3.3", "versionStartIncluding": "9.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "ff5b8ace-8b95-4078-9743-eac1ca5451de"}

4.8 /10