CVE-2024-39344

An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is installed via the marketplace from this package and stores some configuration information in a manner that could be compromised. With the default settings when installed for all users, the object can be accessible and (via its fields) could disclose some keys. These disclosed components can be combined to create a valid session via the Docusign API. This will generally lead to a complete compromise of the Docusign account because the session is for an administrator service account and may have permission to re-authenticate as specific users with the same authorization flow.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://deneyed.com/blog/conga/
https://login.salesforce.com/packaging/installPackage.apexp?p0=04t6S000000YUDxQAO

Configurations

No configuration.

History

No history.

Information

Published : 2024-08-21 16:15

Updated : 2024-08-26 16:35

NVD link : CVE-2024-39344

Mitre link : CVE-2024-39344

CVE.ORG link : CVE-2024-39344

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2024-39344", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-08-21T16:15:08.013", "references": [{"url": "https://deneyed.com/blog/conga/", "source": "cve@mitre.org"}, {"url": "https://login.salesforce.com/packaging/installPackage.apexp?p0=04t6S000000YUDxQAO", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is installed via the marketplace from this package and stores some configuration information in a manner that could be compromised. With the default settings when installed for all users, the object can be accessible and (via its fields) could disclose some keys. These disclosed components can be combined to create a valid session via the Docusign API. This will generally lead to a complete compromise of the Docusign account because the session is for an administrator service account and may have permission to re-authenticate as specific users with the same authorization flow."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en el paquete API de Docusign 8.142.14 para Salesforce. El objeto Apttus_DocuApi__DocusignAuthentication__mdt se instala a trav\u00e9s del mercado desde este paquete y almacena cierta informaci\u00f3n de configuraci\u00f3n de una manera que podr\u00eda verse comprometida. Con la configuraci\u00f3n predeterminada cuando se instala para todos los usuarios, se puede acceder al objeto y (a trav\u00e9s de sus campos) podr\u00eda revelar algunas claves. Estos componentes revelados se pueden combinar para crear una sesi\u00f3n v\u00e1lida a trav\u00e9s de la API de Docusign. Por lo general, esto comprometer\u00e1 completamente la cuenta de Docusign porque la sesi\u00f3n es para una cuenta de servicio de administrador y puede tener permiso para volver a autenticarse como usuarios espec\u00edficos con el mismo flujo de autorizaci\u00f3n."}], "lastModified": "2024-08-26T16:35:10.110", "sourceIdentifier": "cve@mitre.org"}