
CVE-2024-54792

High Severity
SVRS: 58/100
CVSSv3: 6.1/10
EPSS: 0.00004/1

CVE-2024-54792: A CSRF vulnerability affects SpagoBI v3.5.1. This security flaw allows attackers to trick authenticated users into performing unauthorized actions, such as user management modifications. The vulnerability exists within the user administration panel. Although the CVSS score is 6.1, the SOCRadar Vulnerability Risk Score (SVRS) is 58, indicating a moderate risk that should be addressed promptly. Successful exploitation could lead to unauthorized user account creation, modification, or deletion, potentially compromising the entire SpagoBI system. Because this vulnerability is flagged 'In The Wild', patching should be addressed as soon as possible. Addressing this risk is crucial to maintaining the integrity and confidentiality of the SpagoBI platform and its user data.

In The Wild
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2025-01-21

2025-01-21

SOCRadar AI Insight

Description

CVE-2024-54792 describes a Cross-Site Request Forgery (CSRF) vulnerability in SpagoBI v3.5.1. This vulnerability exists within the user administration panel, enabling an authenticated user to trick another user into executing unintended actions within the application. These actions could include adding, editing, or deleting users, potentially compromising user accounts and system integrity.

Key Insights

  • Severity: While the CVSS score for CVE-2024-54792 is 6.1, the SOCRadar Vulnerability Risk Score (SVRS) is 30. This discrepancy highlights the difference in the scoring approaches, with SVRS factoring in broader threat intelligence data. In this case, SVRS indicates a lower immediate risk compared to the CVSS score. However, the vulnerability being flagged "In The Wild" suggests active exploitation.
  • Impact: Successful exploitation of this vulnerability could lead to unauthorized user account modifications, potentially compromising system access and data integrity.
  • Exploit Status: CVE-2024-54792 is currently being actively exploited in the wild. This means attackers are using this vulnerability to compromise systems.
  • Threat Actors: No specific threat actors or APT groups have been publicly associated with the exploitation of CVE-2024-54792. However, the fact that the vulnerability is being exploited in the wild indicates active interest from malicious actors.

Mitigation Strategies

  1. Patching: The most effective mitigation strategy is to promptly patch SpagoBI to a version that addresses CVE-2024-54792. This ensures the vulnerability is no longer present and protects against potential exploitation.
  2. Input Validation and Sanitization: Implementing robust input validation and sanitization mechanisms can help prevent CSRF attacks. This involves filtering and validating user input to ensure it adheres to expected formats and does not contain malicious scripts.
  3. CSRF Protection Mechanisms: Consider implementing CSRF protection mechanisms, such as CSRF tokens, to further enhance security. These mechanisms introduce unpredictable values into form submissions, making it difficult for attackers to craft malicious requests.
  4. User Education and Awareness: Educate users about the risks of CSRF attacks and encourage them to be cautious when interacting with websites and applications. Emphasize the importance of reporting any suspicious activity.

Additional Information

If you have further questions regarding this incident, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

SpagoBI 3.5.1 Cross Site Request Forgery
MarioTesoro, 2025-03-01
SpagoBI 3.5.1 Cross Site Request Forgery | Topic: SpagoBI 3.5.1 Cross Site Request Forgery | Risk: Low | Text: # CVE-2024-54792 Severity: Medium (6.1) CVSS score: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N` ...
Source: securityreason.com

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference | Link
[email protected] | https://github.com/MarioTesoro/CVE-2024-54792
GITHUB | https://github.com/MarioTesoro/CVE-2024-54792

CWE Details

CWE ID | CWE Name | Description
CWE-352 | Cross-Site Request Forgery (CSRF) | The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
