CVE-2024-9202

{"id": "CVE-2024-9202", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}], "cvssMetricV40": [{"type": "Secondary", "source": "emo@eclipse.org", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 5.3, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "LOW", "vulnerableSystemConfidentiality": "LOW", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-09-27T10:15:02.827", "references": [{"url": "https://github.com/eclipse-edc/Connector/pull/4490", "tags": ["Issue Tracking", "Patch"], "source": "emo@eclipse.org"}, {"url": "https://github.com/eclipse-edc/Connector/pull/4491", "tags": ["Issue Tracking", "Patch"], "source": "emo@eclipse.org"}, {"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/35", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "emo@eclipse.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "emo@eclipse.org", "description": [{"lang": "en", "value": "CWE-862"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which datasets (= data offers) another party can see in a requested catalog, to ensure that only authorized parties are able to view restricted offers.\nHowever, there is the possibility to request a single dataset, which should be subject to the same filtering process, but currently is missing the correct filtering.\n\n\nThis enables parties to potentially see datasets they should not have access to, thereby exposing sensitive information. Exploiting this vulnerability requires knowing the ID of a restricted dataset, but some IDs may be guessed by trying out many IDs in an automated way.\n\n\nAffected code:\n DatasetResolverImpl, L76-79 https://github.com/eclipse-edc/Connector/blob/v0.9.0/core/control-plane/control-plane-catalog/src/main/java/org/eclipse/edc/connector/controlplane/catalog/DatasetResolverImpl.java"}, {"lang": "es", "value": "En las versiones 0.1.3 a 0.9.0 de Eclipse Dataspace Components, el componente Connector filtra qu\u00e9 conjuntos de datos (= ofertas de datos) puede ver otra parte en un cat\u00e1logo solicitado, para garantizar que solo las partes autorizadas puedan ver las ofertas restringidas. Sin embargo, existe la posibilidad de solicitar un \u00fanico conjunto de datos, que deber\u00eda estar sujeto al mismo proceso de filtrado, pero que actualmente no tiene el filtrado correcto. Esto permite que las partes vean potencialmente conjuntos de datos a los que no deber\u00edan tener acceso, lo que expone informaci\u00f3n confidencial. Para explotar esta vulnerabilidad es necesario conocer el ID de un conjunto de datos restringido, pero algunos ID se pueden adivinar probando muchos ID de forma autom\u00e1tica. C\u00f3digo afectado: DatasetResolverImpl, L76-79 https://github.com/eclipse-edc/Connector/blob/v0.9.0/core/control-plane/control-plane-catalog/src/main/java/org/eclipse/edc/connector/controlplane/catalog/DatasetResolverImpl.java"}], "lastModified": "2025-01-09T18:07:29.847", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:eclipse_dataspace_components:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19307830-8F92-4DE4-9921-4E8204DD647E", "versionEndExcluding": "0.9.1", "versionStartIncluding": "0.1.3"}], "operator": "OR"}]}], "sourceIdentifier": "emo@eclipse.org"}