CVE-2022-23055: ERPNext - Improper user access conrol
First published: Wed Mar 09 2022(Updated: )
In ERPNext, versions v11.0.0-beta through v13.0.2 are vulnerable to Missing Authorization, in the chat rooms functionality. A low privileged attacker can send a direct message or a group message to any member or group, impersonating themselves as the administrator. The attacker can also read chat messages of groups that they do not belong to, and of other users.
Credit: vulnerabilitylab@mend.io
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ERPNext | >=11.0.4<13.1.0 | |
| ERPNext | =11.0.3-beta1 | |
| ERPNext | =11.0.3-beta10 | |
| ERPNext | =11.0.3-beta11 | |
| ERPNext | =11.0.3-beta12 | |
| ERPNext | =11.0.3-beta13 | |
| ERPNext | =11.0.3-beta14 | |
| ERPNext | =11.0.3-beta15 | |
| ERPNext | =11.0.3-beta16 | |
| ERPNext | =11.0.3-beta17 | |
| ERPNext | =11.0.3-beta18 | |
| ERPNext | =11.0.3-beta19 | |
| ERPNext | =11.0.3-beta2 | |
| ERPNext | =11.0.3-beta20 | |
| ERPNext | =11.0.3-beta21 | |
| ERPNext | =11.0.3-beta22 | |
| ERPNext | =11.0.3-beta23 | |
| ERPNext | =11.0.3-beta24 | |
| ERPNext | =11.0.3-beta25 | |
| ERPNext | =11.0.3-beta26 | |
| ERPNext | =11.0.3-beta27 | |
| ERPNext | =11.0.3-beta28 | |
| ERPNext | =11.0.3-beta29 | |
| ERPNext | =11.0.3-beta3 | |
| ERPNext | =11.0.3-beta30 | |
| ERPNext | =11.0.3-beta31 | |
| ERPNext | =11.0.3-beta32 | |
| ERPNext | =11.0.3-beta33 | |
| ERPNext | =11.0.3-beta34 | |
| ERPNext | =11.0.3-beta35 | |
| ERPNext | =11.0.3-beta36 | |
| ERPNext | =11.0.3-beta37 | |
| ERPNext | =11.0.3-beta4 | |
| ERPNext | =11.0.3-beta5 | |
| ERPNext | =11.0.3-beta6 | |
| ERPNext | =11.0.3-beta7 | |
| ERPNext | =11.0.3-beta8 | |
| ERPNext | =11.0.3-beta9 |
Remedy
Update version to v13.1.0 or later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-23055?
The severity of CVE-2022-23055 is medium (5.4).
How does CVE-2022-23055 affect ERPNext versions?
CVE-2022-23055 affects ERPNext versions v11.0.0-beta through v13.0.2.
What is the vulnerability in ERPNext versions v11.0.0-beta through v13.0.2?
The vulnerability in ERPNext versions v11.0.0-beta through v13.0.2 is Missing Authorization in the chat rooms functionality.
How can a low privileged attacker exploit CVE-2022-23055?
A low privileged attacker can send direct messages or group messages to any member or group, impersonating themselves as the administrator and read chat messages.
Where can I find more information about CVE-2022-23055?
You can find more information about CVE-2022-23055 at the following references: [link1](https://github.com/frappe/frappe/blob/v13.0.2/frappe/chat/doctype/chat_message/chat_message.py#L134), [link2](https://github.com/frappe/frappe/blob/v13.0.2/frappe/chat/doctype/chat_message/chat_message.py#L155), [link3](https://www.mend.io/vulnerability-database/CVE-2022-23055).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/remedy
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/frappe
- canonical/erpnext
- version/erpnext/11.0.4
- version/erpnext/11.0.3-beta1
- version/erpnext/11.0.3-beta10
- version/erpnext/11.0.3-beta11
- version/erpnext/11.0.3-beta12
- version/erpnext/11.0.3-beta13
- version/erpnext/11.0.3-beta14
- version/erpnext/11.0.3-beta15
- version/erpnext/11.0.3-beta16
- version/erpnext/11.0.3-beta17
- version/erpnext/11.0.3-beta18
- version/erpnext/11.0.3-beta19
- version/erpnext/11.0.3-beta2
- version/erpnext/11.0.3-beta20
- version/erpnext/11.0.3-beta21
- version/erpnext/11.0.3-beta22
- version/erpnext/11.0.3-beta23
- version/erpnext/11.0.3-beta24
- version/erpnext/11.0.3-beta25
- version/erpnext/11.0.3-beta26
- version/erpnext/11.0.3-beta27
- version/erpnext/11.0.3-beta28
- version/erpnext/11.0.3-beta29
- version/erpnext/11.0.3-beta3
- version/erpnext/11.0.3-beta30
- version/erpnext/11.0.3-beta31
- version/erpnext/11.0.3-beta32
- version/erpnext/11.0.3-beta33
- version/erpnext/11.0.3-beta34
- version/erpnext/11.0.3-beta35
- version/erpnext/11.0.3-beta36
- version/erpnext/11.0.3-beta37
- version/erpnext/11.0.3-beta4
- version/erpnext/11.0.3-beta5
- version/erpnext/11.0.3-beta6
- version/erpnext/11.0.3-beta7
- version/erpnext/11.0.3-beta8
- version/erpnext/11.0.3-beta9