CVE-2020-5231

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/opencast/opencast/commit/72fad0031d8a82c860e2bde0b27570c5042320ee", "name": "https://github.com/opencast/opencast/commit/72fad0031d8a82c860e2bde0b27570c5042320ee", "tags": ["Patch"], "refsource": "MISC"}, {"url": "https://github.com/opencast/opencast/security/advisories/GHSA-94qw-r73x-j7hg", "name": "https://github.com/opencast/opencast/security/advisories/GHSA-94qw-r73x-j7hg", "tags": ["Exploit", "Third Party Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users not including the role ROLE_ADMIN. ROLE_COURSE_ADMIN is a non-standard role in Opencast which is referenced neither in the documentation nor in any code (except for tests) but only in the security configuration. From the name \u2013 implying an admin for a specific course \u2013 users would never expect that this role allows user creation. This issue is fixed in 7.6 and 8.1 which both ship a new default security configuration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-276"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-5231", "ASSIGNER": "security-advisories@github.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}}, "publishedDate": "2020-01-30T22:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apereo:opencast:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "7.6"}, {"cpe23Uri": "cpe:2.3:a:apereo:opencast:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-02-10T21:55Z"}