Improper Privilege Management Affecting vaultwarden package, versions >=0.0.0


Severity

medium (Snyk recommended severity; CVSS assessment made by Snyk's Security Team)

Threat Intelligence

EPSS: 0.04% (11th percentile)

  • Snyk ID: SNYK-RUST-VAULTWARDEN-8548013
  • Published: 22 Dec 2024
  • Disclosed: 20 Dec 2024
  • Credit: Mathijs van Veluw

Introduced: 20 Dec 2024

CVE-2024-56335
CWE-269

How to fix?

A fix was pushed into the master branch but not yet published.

Overview

Affected versions of this package are vulnerable to Improper Privilege Management: an attacker who knows the UUIDs of a target organization and one of its groups can modify or delete that group's memberships.

Note: This is only exploitable if all of the following hold:

  1. The server has the ORG_GROUPS_ENABLED setting enabled, which is disabled by default.

  2. The attacker has a user account on the server.

  3. The attacker's account has admin or owner permissions in an unrelated organization.

  4. The attacker knows the target organization's UUID and the target group's UUID.
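The conditions above describe an authorization check that grants group-membership changes to anyone holding admin or owner rights in some organization, without tying the group being edited to that organization. The following Rust snippet is an added illustration written for this page, not vaultwarden's own code, and the advisory does not show the project's actual code path; the types `Store`, `Group`, `Role`, the functions `authorize_weak` / `authorize_strict`, and the sample UUIDs are all hypothetical. It puts the weak pattern beside a hardened one that derives the relevant organization from the stored group record and requires a privileged role in that organization specifically, and it also honours an `ORG_GROUPS_ENABLED`-style switch as the advisory's workaround suggests.

```rust
// Added example (not vaultwarden code): modelling the group-membership
// authorization decision behind CWE-269 / CVE-2024-56335 as described above.
// All names and UUID-like strings here are constructed for illustration.
use std::collections::HashMap;

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub enum Role {
    User,
    Admin,
    Owner,
}

#[derive(Debug)]
pub struct Group {
    /// Organization the group belongs to, as recorded server-side.
    pub org_uuid: String,
}

/// Toy in-memory stand-in for the database.
pub struct Store {
    /// group uuid -> group record
    pub groups: HashMap<String, Group>,
    /// (user uuid, org uuid) -> role that user holds in that org
    pub memberships: HashMap<(String, String), Role>,
    /// Mirrors the ORG_GROUPS_ENABLED setting named in the advisory.
    pub org_groups_enabled: bool,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Denied {
    GroupsDisabled,
    NoSuchGroup,
    NotAdminOfGroupOrg,
}

fn is_admin_or_owner(store: &Store, user: &str, org: &str) -> bool {
    matches!(
        store.memberships.get(&(user.to_string(), org.to_string())),
        Some(Role::Admin) | Some(Role::Owner)
    )
}

/// Weak pattern: the privilege check is run against the caller-supplied
/// `claimed_org`, and nothing verifies that `group_uuid` belongs to it.
/// An admin of any organization therefore passes for any existing group.
pub fn authorize_weak(store: &Store, user: &str, claimed_org: &str, group_uuid: &str) -> Result<(), Denied> {
    if !store.org_groups_enabled {
        return Err(Denied::GroupsDisabled);
    }
    if !store.groups.contains_key(group_uuid) {
        return Err(Denied::NoSuchGroup);
    }
    if is_admin_or_owner(store, user, claimed_org) {
        Ok(())
    } else {
        Err(Denied::NotAdminOfGroupOrg)
    }
}

/// Hardened pattern: the organization that matters is the one the group is
/// stored under. The caller must be admin/owner of *that* organization, and
/// the organization named in the request must agree with the stored record.
pub fn authorize_strict(store: &Store, user: &str, claimed_org: &str, group_uuid: &str) -> Result<(), Denied> {
    if !store.org_groups_enabled {
        return Err(Denied::GroupsDisabled);
    }
    let group = store.groups.get(group_uuid).ok_or(Denied::NoSuchGroup)?;
    if group.org_uuid != claimed_org || !is_admin_or_owner(store, user, &group.org_uuid) {
        return Err(Denied::NotAdminOfGroupOrg);
    }
    Ok(())
}

/// Constructed sample data: "u-mallory" is owner of "org-a" only; group
/// "grp-1" lives in "org-b", where "u-alice" is admin and "u-bob" a plain user.
pub fn sample_store(org_groups_enabled: bool) -> Store {
    let mut groups = HashMap::new();
    groups.insert("grp-1".to_string(), Group { org_uuid: "org-b".to_string() });
    let mut memberships = HashMap::new();
    memberships.insert(("u-mallory".to_string(), "org-a".to_string()), Role::Owner);
    memberships.insert(("u-alice".to_string(), "org-b".to_string()), Role::Admin);
    memberships.insert(("u-bob".to_string(), "org-b".to_string()), Role::User);
    Store { groups, memberships, org_groups_enabled }
}

fn main() {
    let store = sample_store(true);
    // Owner of an unrelated org, naming their own org and a foreign group uuid:
    println!("weak:   {:?}", authorize_weak(&store, "u-mallory", "org-a", "grp-1"));
    println!("strict: {:?}", authorize_strict(&store, "u-mallory", "org-a", "grp-1"));
}
```

The design point is that the object being mutated (the group) is the source of truth for which organization's roles apply; a role held elsewhere, and an organization UUID supplied by the client, must not be enough. The `org_groups_enabled` gate shows why disabling `ORG_GROUPS_ENABLED` is an effective interim workaround: both code paths refuse before any membership check runs.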

Workaround

Users who are unable to upgrade to the fixed version are advised to disable ORG_GROUPS_ENABLED or SIGNUPS_ALLOWED, which respectively disable group functionality or prevent new account creation.
