PT-2020-16326 · Tangro · Tangro Business Workflow

Published: 2020-12-18 · Updated: 2021-07-21 · CVE-2020-26171

CVSS v3.1: 4.3 (Medium)

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: tangro Business Workflow versions prior to 1.18.1

Description: The "/api/document/attachments/upload" API endpoint trusts the client-supplied documentId of an attachment upload without checking that the referenced workitem belongs to the requesting user. An authenticated user can therefore change the documentId in the request and attach files to workitems that do not belong to them (an insecure direct object reference, IDOR).

Recommendations: For versions prior to 1.18.1, update to version 1.18.1 or later. As a temporary workaround until the update is applied, restrict access to the "/api/document/attachments/upload" API endpoint so that unauthorized attachment uploads are prevented.
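The missing ownership check, as an added example that is not Tangro's code and does not reflect the product's internals: the in-memory WorkItem model, the user names alice and bob, and the handler and probe names are assumptions for illustration only. It contrasts a handler that uses the client-supplied documentId as-is with one that resolves the documentId only within the caller's own workitems, and includes a probe of the kind a tester would use to confirm that a cross-user upload is rejected after the fix.

```python
from dataclasses import dataclass, field
from typing import Callable


class NotFound(Exception):
    """Raised when the documentId does not resolve to a workitem the caller may use."""


@dataclass
class WorkItem:
    document_id: int
    owner: str                      # user who owns the workitem (assumed model)
    attachments: list = field(default_factory=list)


def sample_workitems() -> dict:
    """Constructed sample data: two users, one workitem each."""
    return {
        100: WorkItem(document_id=100, owner="alice"),
        200: WorkItem(document_id=200, owner="bob"),
    }


def upload_attachment_vulnerable(workitems: dict, current_user: str,
                                 document_id: int, filename: str) -> int:
    """IDOR pattern: the client-supplied documentId is used as-is.

    The caller is authenticated (current_user), but nothing checks that the
    workitem selected by documentId belongs to that user.
    """
    item = workitems.get(document_id)
    if item is None:
        raise NotFound(document_id)
    item.attachments.append((current_user, filename))
    return len(item.attachments)


def upload_attachment_fixed(workitems: dict, current_user: str,
                            document_id: int, filename: str) -> int:
    """Hardened handler: resolve documentId in the scope of the caller.

    A workitem that does not exist and one that belongs to someone else are
    both reported as NotFound, so the endpoint neither lets the caller write
    to foreign workitems nor confirms which documentIds exist.
    """
    item = workitems.get(document_id)
    if item is None or item.owner != current_user:
        raise NotFound(document_id)
    item.attachments.append((current_user, filename))
    return len(item.attachments)


def cross_user_upload_succeeds(handler: Callable[..., int]) -> bool:
    """Probe for the IDOR: bob uploads to alice's workitem (documentId 100).

    Returns True when the foreign attachment was stored (handler vulnerable),
    False when the handler rejected it and left alice's workitem untouched.
    """
    workitems = sample_workitems()
    try:
        handler(workitems, "bob", 100, "bob-injected.pdf")
    except NotFound:
        pass
    return any(user == "bob" for user, _ in workitems[100].attachments)


def legitimate_upload_works(handler: Callable[..., int]) -> bool:
    """Regression check: alice can still attach to her own workitem."""
    workitems = sample_workitems()
    try:
        count = handler(workitems, "alice", 100, "alice-invoice.pdf")
    except NotFound:
        return False
    return count == 1 and workitems[100].attachments == [("alice", "alice-invoice.pdf")]


if __name__ == "__main__":
    for name, handler in (("vulnerable", upload_attachment_vulnerable),
                          ("fixed", upload_attachment_fixed)):
        print(f"{name}: cross-user upload stored = {cross_user_upload_succeeds(handler)}, "
              f"own upload works = {legitimate_upload_works(handler)}")
```

The fix is the lookup scoped to the caller rather than a check bolted on after a global lookup; returning the same NotFound for "does not exist" and "not yours" also avoids turning the endpoint into an oracle for valid documentIds. The same two-account probe (one user's session, another user's documentId) is how a pentester would confirm the issue against a real deployment before and after updating to 1.18.1.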

Weakness Enumeration: IDOR

Related Identifiers: CVE-2020-26171

Affected Products: Tangro Business Workflow