CVE-2021-3986

A vulnerability in janeczku/calibre-web allows unauthorized users to view the names of private shelves belonging to other users. This issue occurs in the file shelf.py at line 221, where the name of the shelf is exposed in an error message when a user attempts to remove a book from a shelf they do not own. This vulnerability discloses private information and affects all versions prior to the fix.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/janeczku/calibre-web/commit/6f5390ead5df9779ac81fadefffb476e03f93548	Patch
https://huntr.com/bounties/394af194-61a7-4e33-b373-877d4c766fca	Exploit Issue Tracking Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-11-15 11:15

Updated : 2024-11-19 17:12

NVD link : CVE-2021-3986

Mitre link : CVE-2021-3986

CVE.ORG link : CVE-2021-3986

JSON object : View

Products Affected

janeczku

calibre-web

CWE

CWE-209

Generation of Error Message Containing Sensitive Information

{"id": "CVE-2021-3986", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-11-15T11:15:06.400", "references": [{"url": "https://github.com/janeczku/calibre-web/commit/6f5390ead5df9779ac81fadefffb476e03f93548", "tags": ["Patch"], "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/394af194-61a7-4e33-b373-877d4c766fca", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "security@huntr.dev"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-209"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in janeczku/calibre-web allows unauthorized users to view the names of private shelves belonging to other users. This issue occurs in the file shelf.py at line 221, where the name of the shelf is exposed in an error message when a user attempts to remove a book from a shelf they do not own. This vulnerability discloses private information and affects all versions prior to the fix."}, {"lang": "es", "value": "Una vulnerabilidad en janeczku/calibre-web permite a usuarios no autorizados ver los nombres de los estantes privados que pertenecen a otros usuarios. Este problema se produce en el archivo shelf.py en la l\u00ednea 221, donde el nombre del estante se expone en un mensaje de error cuando un usuario intenta eliminar un libro de un estante que no es de su propiedad. Esta vulnerabilidad revela informaci\u00f3n privada y afecta a todas las versiones anteriores a la correcci\u00f3n."}], "lastModified": "2024-11-19T17:12:50.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB86DF8E-5F67-41CA-B657-D8E0A61CD22A", "versionEndExcluding": "0.6.15"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}