
CVE-2024-52305

Severity: High
SVRS: 49/100
CVSSv3: 4.8/10
EPSS: 0.00015/1

CVE-2024-52305 in UnoPim allows for session cookie theft. This vulnerability involves the creation of a new admin user with the ability to upload a profile image, where a malicious SVG file can be uploaded. The embedded script within the SVG then executes when the image is accessed. While the CVSS score is 4.8, indicating moderate severity, the SOCRadar Vulnerability Risk Score (SVRS) is 49, suggesting a notable level of risk that shouldn't be ignored, even though it's below the critical threshold of 80. This is a significant security risk because successful exploitation can lead to unauthorized access to user accounts and sensitive data within the UnoPim system. Update to version 0.1.5 to mitigate this issue. The vulnerability highlights the importance of proper input validation to prevent malicious file uploads.

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2024-11-13

2024-11-19
SOCRadar AI Insight

Description

CVE-2024-52305 affects UnoPim, an open-source Product Information Management (PIM) system. This vulnerability arises from a flaw in the user creation process, specifically in the profile image upload functionality. Attackers can exploit this by uploading malicious SVG files containing embedded JavaScript. When the profile image is accessed, the script executes, potentially leading to the theft of session cookies.

The SVRS score of 38 indicates a moderate level of risk. While not as critical as scores above 80, this vulnerability warrants immediate attention due to the potential for session hijacking and subsequent data breaches.

Key Insights

  • Session Hijacking: The primary risk associated with CVE-2024-52305 is session hijacking. The embedded script can potentially steal session cookies, allowing attackers to impersonate legitimate users and gain unauthorized access to sensitive data and functionalities.
  • Wide Impact: UnoPim, being an open-source PIM system, could be used by various organizations. This vulnerability poses a potential threat to all systems running vulnerable versions of UnoPim.
  • Cross-Site Scripting (XSS): The exploitation technique leverages a classic XSS vulnerability, where malicious scripts are injected into trusted content.
  • Simple Exploitation: The attack vector is relatively simple, requiring only the ability to upload a malicious SVG file. This makes it accessible to a wider range of attackers.

Mitigation Strategies

  • Upgrade to the Latest Version: Immediately upgrade UnoPim to version 0.1.5 or later, which includes the fix for this vulnerability.
  • Disable Profile Image Upload: If an upgrade is not immediately possible, temporarily disable the profile image upload feature as a precautionary measure.
  • Implement Input Validation: Implement robust input validation mechanisms to prevent the upload of malicious SVG files.
  • Web Application Firewall (WAF): Configure your WAF to block requests containing suspicious SVG files, including those with embedded scripts.
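The input-validation item above is the one a developer has to build; as an added example that is not UnoPim's own code (UnoPim is PHP/Laravel, this is a standalone Python check), here is an allowlist-based inspection of an uploaded SVG that rejects profile images carrying script elements, event-handler attributes, script-capable URLs or any element outside a fixed drawing vocabulary, exercised on constructed sample files. The allowlist contents and the sample SVGs are this example's own assumptions.

```python
import xml.etree.ElementTree as ET

# Allowlist of plain drawing elements; anything else (script, foreignObject,
# iframe, use, image, ...) is rejected, so new script-bearing variants cannot
# slip past an incomplete denylist.
ALLOWED_ELEMENTS = {
    "svg", "g", "defs", "title", "desc", "path", "rect", "circle", "ellipse",
    "line", "polyline", "polygon", "text", "tspan", "linearGradient",
    "radialGradient", "stop", "clipPath", "mask",
}
# Attributes that carry a URL; javascript:/data: values are script-capable.
URL_ATTRS = {"href", "{http://www.w3.org/1999/xlink}href"}

def _local(qname: str) -> str:
    # ElementTree writes namespaced names as '{ns}name'; keep only 'name'.
    return qname.rsplit("}", 1)[-1]

def svg_findings(data: bytes) -> list:
    """Return the reasons an uploaded SVG must be rejected (empty = clean)."""
    # Refuse DTDs/entities outright rather than trusting the parser's handling.
    if b"<!DOCTYPE" in data.upper() or b"<!ENTITY" in data.upper():
        return ["DOCTYPE or ENTITY declaration present"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    findings = []
    if _local(root.tag) != "svg":
        findings.append(f"root element is <{_local(root.tag)}>, not <svg>")
    for el in root.iter():  # iter() includes the root element itself
        name = _local(el.tag)
        if name not in ALLOWED_ELEMENTS:
            findings.append(f"element <{name}> not in allowlist")
        for attr, value in el.attrib.items():
            short = _local(attr)
            if short.lower().startswith("on"):
                findings.append(f"event handler {short} on <{name}>")
            elif attr in URL_ATTRS and value.strip().lower().startswith(("javascript:", "data:")):
                findings.append(f"script-capable URL in {short} on <{name}>")
    return findings

def is_safe_svg(data: bytes) -> bool:
    """Upload-handler decision: accept only when no finding was raised."""
    return not svg_findings(data)

# Constructed sample uploads (not files taken from the advisory).
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>'
SCRIPT_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* constructed test */</script></svg>'
HANDLER_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" onload="x()"><rect width="1" height="1"/></svg>'

if __name__ == "__main__":
    for label, blob in [("clean", CLEAN_SVG), ("script", SCRIPT_SVG), ("handler", HANDLER_SVG)]:
        print(label, "accepted" if is_safe_svg(blob) else "rejected", svg_findings(blob))
```

Rejecting is safer than stripping, and a stronger design is to rasterize uploaded SVGs to PNG or to serve them with Content-Disposition: attachment under a restrictive Content-Security-Policy so any surviving script cannot run in the application's origin.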

Additional Information

If users have further questions about this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

No news found for this CVE

Social Media

🚨 CVE-2024-52305: Problematic vuln in UnoPim Profile Image Handler leads to incomplete uploaded file ID. Risk: Potential remote attacks. Upgrade affected component ASAP to mitigate. #CyberSecurity #VulnerabilityManagement
CVE-2024-52305 SVG XSS Vulnerability in UnoPim Allows Admin Session Hijacking UnoPim is a free Product Information Management system. It uses the Laravel framework. There is a vulnerability in the Create User pro... https://t.co/BSnZjY3G7z

Affected Software

No affected software found for this CVE

References

Reference | Link
SECURITY-ADVISORIES@GITHUB.COM | https://github.com/unopim/unopim/commit/9a0da7a0892c60f58df2351b5a9498dcb4cb8b7a
SECURITY-ADVISORIES@GITHUB.COM | https://github.com/unopim/unopim/security/advisories/GHSA-cgr4-c233-h733
GITHUB | https://github.com/unopim/unopim/security/advisories/GHSA-cgr4-c233-h733

CWE Details

CWE ID | CWE Name | Description
CWE-692 | Incomplete Denylist to Cross-Site Scripting | The product uses a denylist-based protection mechanism to defend against XSS attacks, but the denylist is incomplete, allowing XSS variants to succeed.
CWE-616 | Incomplete Identification of Uploaded File Variables (PHP) | The PHP application uses an old method for processing uploaded files by referencing the four global variables that are set for each file (e.g. $varname, $varname_size, $varname_name, $varname_type). These variables could be overwritten by attackers, causing the application to process unauthorized files.
