Vulnerability Details : CVE-2021-41082

Discourse is a platform for community discussion. In affected versions any private message that includes a group had its title and participating user exposed to users that do not have access to the private messages. However, access control for the private messages was not compromised as users were not able to view the posts in the leaked private message despite seeing it in their inbox. The problematic commit was reverted around 32 minutes after it was made. Users are encouraged to upgrade to the latest commit if they are running Discourse against the `tests-passed` branch.

Vulnerability category: Information leak

Published 2021-09-20 21:15:08

Updated 2021-10-04 18:07:10

Source GitHub, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2021-41082

Probability of exploitation activity in the next 30 days: 0.11%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 44 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-41082

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	nvd@nist.gov
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	security-advisories@github.com
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-41082

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: security-advisories@github.com (Secondary)
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-41082

https://github.com/discourse/discourse/commit/ddb458343dc39a7a8c99467dcd809b444514fe2c

PERF: Improve query performance all inbox private messages. (#14304) · discourse/discourse@ddb4583 · GitHub
Patch;Third Party Advisory
https://github.com/discourse/discourse/commit/27bad28c530c89acab35a56b945b6a3924280f4b

Partially revert "PERF: Improve query performance all inbox private m… · discourse/discourse@27bad28 · GitHub
Patch;Third Party Advisory
https://github.com/discourse/discourse/security/advisories/GHSA-vm3x-w6jm-j9vv

Group private messages title and participating users are leaked to users that do not have access. · Advisory · discourse/discourse · GitHub
Third Party Advisory

Products affected by CVE-2021-41082

Discourse » Discourse
Versions before (<) 2021-09-14
cpe:2.3:a:discourse:discourse:*:*:*:*:*:*:*:*
Matching versions