SB2021122016 - Multiple vulnerabilities in Snipe-IT

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper access control (CVE-ID: CVE-2021-4089)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.

2) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2021-4075)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.

Remediation

Install update from vendor's website.

References

• https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862
• https://github.com/snipe/snipe-it/commit/1699c09758e56f740437674a8d6ba36443399f24
• https://github.com/snipe/snipe-it/commit/4612b9e711b3ff5d2bcddbec5b18866d25f8e34e
• https://huntr.dev/bounties/4386fd8b-8c80-42bb-87b8-b506c46597de