CVE-2021-39196 : pcapture is an open source dumpcap web service interface . In affected versions

pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater.

Published 2021-09-07 19:15:09

Updated 2022-08-05 10:55:10

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2021-39196

Pcapture Project » Pcapture
Versions before (<) 3.12
cpe:2.3:a:pcapture_project:pcapture:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-39196

EPSS FAQ

0.22%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 41 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-39196

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:L/Au:S/C:C/I:N/A:N	8.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: None Availability Impact: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
7.7	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N	3.1	4.0	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-39196

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: security-advisories@github.com (Secondary)
CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-39196

https://github.com/jdhwpgmbca/pcapture/issues/7

findFilter() returning null for filter when invalid url_suffix used passed to user. · Issue #7 · jdhwpgmbca/pcapture · GitHub
Issue Tracking;Patch;Third Party Advisory
https://github.com/jdhwpgmbca/pcapture/commit/0f74f431e0970a2e5784dbd955cfa4760e3b1ef7

Fixed major security bug. · jdhwpgmbca/pcapture@0f74f43 · GitHub
Patch;Third Party Advisory
https://github.com/jdhwpgmbca/pcapture/security/advisories/GHSA-3r67-fxpr-p2qx

Authenticated non-privileged user can request unfiltered data without adequate permissions. · Advisory · jdhwpgmbca/pcapture · GitHub
Issue Tracking;Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-39196

Products affected by CVE-2021-39196

Exploit prediction scoring system (EPSS) score for CVE-2021-39196

CVSS scores for CVE-2021-39196

CWE ids for CVE-2021-39196

References for CVE-2021-39196