cbcvebase.

Cachethq Cachet vulnerabilities

5 known vulnerabilities affecting cachethq/cachet.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH5

Vulnerabilities

Page 1 of 1
CVE-2023-43661P2HIGHCVSS 8.8fixed in 2.42023-10-11
CVE-2023-43661 [HIGH] CWE-94 CVE-2023-43661: Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch contains a patch for this issue.
ghsanvdosv
CVE-2021-39165P3HIGHPoC≥ 0, ≤ 2.3.182021-08-30
CVE-2021-39165 [HIGH] CWE-287 Unauthenticated SQL Injection in Cachet Unauthenticated SQL Injection in Cachet ### Impact In Cachet versions through 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. ### Patches The original repository of [https://github.com/CachetHQ/Cachet](https://github.com/CachetHQ/Cachet
ghsaosv
CVE-2021-39172P2HIGH≥ 0, < 2.5.12021-08-30
CVE-2021-39172 [HIGH] CWE-93 Cachet vulnerable to new line injection during configuration edition Cachet vulnerable to new line injection during configuration edition ### Impact Authenticated users, regardless of their privileges (_User_ or _Admin_), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. ### Patches This issue was addressed by improving `UpdateConfigCommandHandler` and preventing the use of
ghsaosv
CVE-2021-39173P3HIGH≥ 0, < 2.5.12021-08-30
CVE-2021-39173 [HIGH] CWE-704 Cachet vulnerable to forced reinstall Cachet vulnerable to forced reinstall ### Impact Authenticated users, regardless of their privileges (_User_ or _Admin_), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. ### Patches This issue was addressed by improving the middleware `ReadyForUse`, which now performs a stricter validation of the instance name. ### Workarounds Only allow trusted source IP addresses to acc
ghsaosv
CVE-2021-39174P3HIGH≥ 0, < 2.5.12021-08-30
CVE-2021-39174 [HIGH] CWE-75 Cachet configuration leak Cachet configuration leak ### Impact Authenticated users, regardless of their privileges (_User_ or _Admin_), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). ### Patches This issue was addressed by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. ### Workarou
ghsaosv
Cachethq Cachet vulnerabilities | cvebase