PT-2024-24172 · Dotcms · Dotcms

Published: 2024-04-01 · Updated: 2025-06-27 · CVE-2024-3164

CVSS v3.1: 4.5 (Medium)
Vector: AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: dotCMS version 22.02
Description: The issue concerns the dotCMS dashboard, specifically the Tools and Log Files tabs under System → Maintenance Portlet. This portlet is intended for administrators only, but it is reachable by any user who has been granted the portlet, not just CMS Admins. As a result, users holding site admin roles, but not system admin roles, can read sensitive information, including database usernames and passwords under Log Files, and can download database dumps and other dotCMS content under Tools. Only system admins should have access to System Maintenance. The issue is broken access control combined with insecure design: the portlet grant alone is treated as sufficient authorization.
Recommendations: Update dotCMS to a version that includes the fix for this issue. Restrict access to the Maintenance Portlet to system admins only. As a temporary workaround, consider disabling access to the Tools and Log Files tabs under System → Maintenance Portlet for users with site admin roles until a patch is available.
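The authorization flaw described above, modelled as an added example (this is not dotCMS code; the portlet, tab and role names are hypothetical stand-ins): the pre-fix check grants every tab to anyone holding the portlet, the corrected check additionally requires the system-admin role for the sensitive tabs, and an audit helper lists which users the flaw over-privileged.

```python
# Added illustration (not dotCMS code): models the authorization decision the
# advisory describes. Role, portlet and tab names are hypothetical stand-ins.
from dataclasses import dataclass, field

MAINTENANCE_PORTLET = "maintenance"          # System -> Maintenance Portlet
SENSITIVE_TABS = {"tools", "log_files"}       # tabs exposing dumps / credentials
SYSTEM_ADMIN_ROLE = "CMS Administrator"       # hypothetical system-admin role


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)
    portlets: set = field(default_factory=set)  # portlets granted to the user


def vulnerable_can_access(user: User, portlet: str, tab: str) -> bool:
    """Pre-fix behaviour: any user holding the portlet reaches every tab."""
    return portlet in user.portlets


def fixed_can_access(user: User, portlet: str, tab: str) -> bool:
    """Post-fix behaviour: the Maintenance portlet's sensitive tabs also
    require the system-admin role; the portlet grant alone is not enough."""
    if portlet not in user.portlets:
        return False
    if portlet == MAINTENANCE_PORTLET and tab in SENSITIVE_TABS:
        return SYSTEM_ADMIN_ROLE in user.roles
    return True


def over_privileged(users, portlet=MAINTENANCE_PORTLET) -> dict:
    """Audit helper: map user name -> sensitive tabs reachable under the flawed
    check but denied by the corrected one (who gained access via the bug)."""
    result = {}
    for u in users:
        gained = sorted(t for t in SENSITIVE_TABS
                        if vulnerable_can_access(u, portlet, t)
                        and not fixed_can_access(u, portlet, t))
        if gained:
            result[u.name] = gained
    return result


# Constructed sample users: a site admin with the portlet, a system admin, an editor
SITE_ADMIN = User("site_admin", {"Site Administrator"}, {MAINTENANCE_PORTLET})
SYS_ADMIN = User("sys_admin", {SYSTEM_ADMIN_ROLE}, {MAINTENANCE_PORTLET})
EDITOR = User("editor", {"Editor"}, {"content"})

if __name__ == "__main__":
    print(over_privileged([SITE_ADMIN, SYS_ADMIN, EDITOR]))
    # {'site_admin': ['log_files', 'tools']}
```

Running the audit over a real role export would show which accounts could reach Tools and Log Files before the fix without holding the system-admin role.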

Fix

Weakness Enumeration: Improper Access Control

Related Identifiers: CVE-2024-3164

Affected Products: Dotcms