Platform
other
Component
organizr
Fixed in
2.1.1810
CVE-2022-1345 affects the nebd component, resulting in a critical vulnerability where systems are considered fully compromised upon installation or execution. This indicates a high likelihood of unauthorized access and control. Affected systems include those with the nebd package installed. The immediate fix involves rotating all secrets and keys from a separate, trusted system and removing the package.
The severity of CVE-2022-1345 stems from the potential for complete system takeover. An attacker exploiting this vulnerability gains full control, enabling them to access and manipulate any data stored on the compromised system. This includes sensitive information like credentials, API keys, and proprietary data. Lateral movement within the network is highly probable, allowing the attacker to pivot to other systems and escalate their privileges. The blast radius extends to any data or services accessible from the compromised host, potentially impacting critical business operations and sensitive customer data. The description explicitly states that removing the package is not a guarantee of complete malware removal, highlighting the severity of the compromise.
CVE-2022-1345 was published on August 19, 2022. The vulnerability is considered highly severe due to the potential for full system compromise. Public proof-of-concept exploits are not currently known, but the description's warning about complete compromise suggests active exploitation is possible. The vulnerability is tracked on the GHSA database (GHSA-878m-99qv-j74v). The lack of a fixed version underscores the urgency of the mitigation steps.
Organizations and individuals utilizing Organizr in their workflows, particularly those who rely on the application for data management or collaboration, are at risk. This includes developers, project managers, and anyone who interacts with the GitHub repository. Shared hosting environments where multiple users have upload privileges are particularly vulnerable.
• other / generic web:
curl -I 'https://your-organizr-instance/path/to/uploaded_file.svg' | grep -i 'content-security-policy'
• generic web:
grep -r '<script>' /var/log/apache2/access.log
• generic web:
grep -r '<script>' /var/log/nginx/error.log
disclosure
patch
Exploit status
EPSS
0.33% (56th percentile)
CVSS vector
Due to the nature of the vulnerability, immediate action is paramount. The primary mitigation step is to rotate all secrets and keys stored on the affected system from a different, trusted computer. This prevents the attacker from leveraging compromised credentials. Following key rotation, the nebd package should be removed from the system. However, given the potential for persistent malware, a thorough system review and potentially a complete re-imaging of the affected system are strongly recommended. There are no specific configuration workarounds or detection signatures applicable to this vulnerability beyond standard malware detection practices.
Update Organizr to version 2.1.1810 or later. This version contains a fix for the stored XSS vulnerability in .svg file uploads. The update prevents malicious scripts from executing in the user's browser.
CVE-2022-1345 is a stored XSS vulnerability in Organizr versions up to 2.1.1810. It allows attackers to execute malicious scripts by uploading .svg files, potentially leading to session hijacking and data exposure.
If you are using Organizr version 2.1.1810 or earlier, you are potentially affected by this vulnerability. Assess your environment and upgrade as soon as possible.
Upgrade Organizr to version 2.1.1810 or later to remediate the vulnerability. Implement file upload validation as an interim measure.
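As an added example (not Organizr's own code), one way to implement the interim upload validation mentioned above: it rejects SVGs that carry script-capable elements or attributes, and returns the response headers to serve stored SVGs with so a missed payload cannot run in the site's origin. The deny-lists and header values are this example's assumptions; the stdlib XML parser is used only because the input here is constructed, and defusedxml is the better choice in production.

```python
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"

# Elements that can carry or trigger script when an SVG is rendered inline.
# Constructed deny-list for this example; extend it to fit your deployment.
FORBIDDEN_TAGS = {"script", "foreignObject", "iframe", "embed", "object",
                  "set", "animate", "animateTransform"}
# Substrings that turn an attribute (href, style, ...) into a script sink.
FORBIDDEN_VALUE_FRAGMENTS = ("javascript:", "data:text/html", "expression(")


def _local(qname: str) -> str:
    """Strip the {namespace} prefix ElementTree puts on qualified names."""
    return qname.split("}", 1)[1] if qname.startswith("{") else qname


def svg_is_safe(data: bytes) -> tuple[bool, str]:
    """Return (ok, reason). ok is False when the file could execute script."""
    # Reject DOCTYPE/ENTITY up front: the stdlib parser expands entities.
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        return False, "DOCTYPE/ENTITY declarations are not allowed"
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return False, f"not well-formed XML: {exc}"
    if root.tag != f"{{{SVG_NS}}}svg":
        return False, "root element is not <svg> in the SVG namespace"
    for el in root.iter():
        tag = _local(el.tag)
        if tag in FORBIDDEN_TAGS:
            return False, f"forbidden element <{tag}>"
        for qattr, value in el.attrib.items():
            attr = _local(qattr).lower()
            if attr.startswith("on"):           # onload, onclick, ...
                return False, f"event handler attribute {attr} on <{tag}>"
            # Collapse whitespace/NULs so "java\tscript:" cannot slip through.
            compact = "".join(value.split()).replace("\x00", "").lower()
            if any(frag in compact for frag in FORBIDDEN_VALUE_FRAGMENTS):
                return False, f"script-capable value in {attr} on <{tag}>"
    return True, "ok"


def svg_response_headers() -> dict[str, str]:
    """Headers for serving stored SVGs: no inline rendering, sniffing or script."""
    return {
        "Content-Type": "image/svg+xml",
        "Content-Disposition": "attachment",
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'",
    }
```

Run `svg_is_safe` on the uploaded bytes before writing the file to disk, and apply `svg_response_headers()` on the route that serves it; the `curl -I ... | grep -i content-security-policy` check above then confirms the header is present.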
Public proof-of-concept exploits are available, suggesting a moderate probability of active exploitation. Monitor your systems for suspicious activity.
Refer to the Organizr GitHub repository for updates and advisories related to CVE-2022-1345: https://github.com/causefx/organizr