CVE-2024-46097

TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function you can change the tplan_id parameter to another ID. The application does not carry out a check on the user's permissions maing it possible to recover the IDs of all the TestPlans (even the administrative ones) and modify them even with minimal privileges.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/Alkatraz97/CVEs/blob/main/CVE-2024-46097.md	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:testlink:testlink:1.9.20:*:*:*:*:*:*:*

History

10 Jul 2025, 15:33

Type	Values Removed	Values Added
First Time		Testlink testlink Testlink
CPE		cpe:2.3:a:testlink:testlink:1.9.20:::::::*
References	~~() https://github.com/Alkatraz97/CVEs/blob/main/CVE-2024-46097.md -~~	() https://github.com/Alkatraz97/CVEs/blob/main/CVE-2024-46097.md - Exploit, Third Party Advisory

Information

Published : 2024-09-27 18:15

Updated : 2025-07-10 15:33

NVD link : CVE-2024-46097

Mitre link : CVE-2024-46097

CVE.ORG link : CVE-2024-46097

JSON object : View

Products Affected

testlink

testlink

CWE

CWE-284

Improper Access Control

{"id": "CVE-2024-46097", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-09-27T18:15:05.687", "references": [{"url": "https://github.com/Alkatraz97/CVEs/blob/main/CVE-2024-46097.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function you can change the tplan_id parameter to another ID. The application does not carry out a check on the user's permissions maing it possible to recover the IDs of all the TestPlans (even the administrative ones) and modify them even with minimal privileges."}, {"lang": "es", "value": "TestLink 1.9.20 es vulnerable a un Control de Acceso Incorrecto en la secci\u00f3n de edici\u00f3n de TestPlan. Cuando se crea un nuevo TestPlan, se genera autom\u00e1ticamente un ID con un valor incremental. Mediante la funci\u00f3n de edici\u00f3n se puede cambiar el par\u00e1metro tplan_id por otro ID. La aplicaci\u00f3n no realiza una comprobaci\u00f3n de los permisos del usuario, por lo que es posible recuperar los ID de todos los TestPlans (incluso los administrativos) y modificarlos incluso con privilegios m\u00ednimos."}], "lastModified": "2025-07-10T15:33:02.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:testlink:testlink:1.9.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1007C963-3BC2-41CF-9C5F-C8F54EAAAF8A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}