PT-2022-12709 · Strapi · Strapi

Published

2022-05-03

Updated

2022-07-12

CVE-2021-46440

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Strapi versions prior to 3.6.9 Strapi versions 4.x prior to 4.1.5

Description The issue arises from storing passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi. This allows an attacker to access a victim's HTTP request, obtain the victim's cookie, perform a base64 decode on the cookie, and obtain a cleartext password. This can lead to the attacker getting API documentation for further API attacks.

Recommendations For Strapi versions prior to 3.6.9, update to version 3.6.9 or later. For Strapi versions 4.x prior to 4.1.5, update to version 4.1.5 or later. As a temporary workaround, consider restricting access to the DOCUMENTATION plugin component until a patch is available.

Exploit

Fix

Insecure Storage of Sensitive Information

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-922CWE-522

Related Identifiers

CVE-2021-46440

GHSA-85VG-GRR5-PW42

Affected Products

Strapi

PT-2022-12709 · Strapi · Strapi

CVE-2021-46440

Weakness Enumeration

Related Identifiers

Affected Products

References · 9