Details of VAR-201608-0190

ID

VAR-201608-0190

CVE

CVE-2016-4834

TITLE

Vtiger CRM does not properly restrict access to application data

Trust: 0.8

sources: JVNDB: JVNDB-2016-000126

DESCRIPTION

modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does not properly restrict user-save actions, which allows remote authenticated users to create or modify user accounts via unspecified vectors. Vtiger CRM is a customer relationship management (CRM) software. Vtiger CRM contains a vulnerability where it does not properly restrict access to user information data. Hirota Kazuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A user with user privileges may create new users or alter existing user information. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. Vtiger CRM 6.4.0 and prior versions are vulnerable. The management system provides functions such as management, collection, and analysis of customer information. The vulnerability is caused by the program not properly restricting the user-save operation

Trust: 2.07

sources: NVD: CVE-2016-4834 // JVNDB: JVNDB-2016-000126 // BID: 92076 // VULHUB: VHN-93653 // VULMON: CVE-2016-4834

AFFECTED PRODUCTS

vendor:	vtiger	model:	crm	scope:	lte	version:	6.4.0	Trust: 1.8
vendor:	vtiger	model:	crm	scope:	eq	version:	6.4.0	Trust: 0.9
vendor:	vtiger	model:	crm	scope:	eq	version:	4	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	2.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	ne	version:	6.5.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.2	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.4.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	4.2.4	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	4.2	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.1	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	6.0.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.2.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	3.2	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.3	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	vtiger	model:	crm	scope:	eq	version:	5.2.1	Trust: 0.3

sources: BID: 92076 // JVNDB: JVNDB-2016-000126 // CNNVD: CNNVD-201607-960 // NVD: CVE-2016-4834

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4834
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2016-000126
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201607-960
value:	HIGH
Trust: 0.6
VULHUB:	VHN-93653
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2016-4834
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4834
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
IPA:	JVNDB-2016-000126
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-93653
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4834
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	5.2
version:	3.0
Trust: 1.0
IPA:	JVNDB-2016-000126
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-93653 // VULMON: CVE-2016-4834 // JVNDB: JVNDB-2016-000126 // CNNVD: CNNVD-201607-960 // NVD: CVE-2016-4834

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-93653 // JVNDB: JVNDB-2016-000126 // NVD: CVE-2016-4834

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201607-960

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201607-960

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-000126

PATCH

title:	Download - Vtiger CRM	url:	https://www.vtiger.com/download/	Trust: 0.8
title:	Refactored access control on user-save operation.	url:	http://code.vtiger.com/vtiger/vtigercrm/commit/7cdf9941197b4aa58114eafce3ce88fb418eb68c	Trust: 0.8
title:	Vtiger CRM Repair measures for security bypass vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63312	Trust: 0.6

sources: JVNDB: JVNDB-2016-000126 // CNNVD: CNNVD-201607-960

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4834	Trust: 2.9
db:	JVN	id:	JVN01956993	Trust: 2.9
db:	JVNDB	id:	JVNDB-2016-000126	Trust: 2.6
db:	BID	id:	92076	Trust: 2.1
db:	SECTRACK	id:	1036485	Trust: 1.8
db:	CNNVD	id:	CNNVD-201607-960	Trust: 0.7
db:	VULHUB	id:	VHN-93653	Trust: 0.1
db:	VULMON	id:	CVE-2016-4834	Trust: 0.1

sources: VULHUB: VHN-93653 // VULMON: CVE-2016-4834 // BID: 92076 // JVNDB: JVNDB-2016-000126 // CNNVD: CNNVD-201607-960 // NVD: CVE-2016-4834

REFERENCES

url:	http://jvn.jp/en/jp/jvn01956993/index.html	Trust: 2.9
url:	http://code.vtiger.com/vtiger/vtigercrm/commit/7cdf9941197b4aa58114eafce3ce88fb418eb68c	Trust: 2.1
url:	http://www.securityfocus.com/bid/92076	Trust: 1.9
url:	http://jvndb.jvn.jp/jvndb/jvndb-2016-000126	Trust: 1.8
url:	http://www.securitytracker.com/id/1036485	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4834	Trust: 0.8
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4834	Trust: 0.8
url:	https://www.vtiger.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-93653 // VULMON: CVE-2016-4834 // BID: 92076 // JVNDB: JVNDB-2016-000126 // CNNVD: CNNVD-201607-960 // NVD: CVE-2016-4834

CREDITS

Inc.,Hirota Kazuki of Mitsui Bussan Secure Directions

Trust: 0.6

sources: CNNVD: CNNVD-201607-960

SOURCES

db:	VULHUB	id:	VHN-93653
db:	VULMON	id:	CVE-2016-4834
db:	BID	id:	92076
db:	JVNDB	id:	JVNDB-2016-000126
db:	CNNVD	id:	CNNVD-201607-960
db:	NVD	id:	CVE-2016-4834

LAST UPDATE DATE

2025-04-13T23:17:53.040000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-93653	date:	2016-12-06T00:00:00
db:	VULMON	id:	CVE-2016-4834	date:	2016-12-06T00:00:00
db:	BID	id:	92076	date:	2016-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2016-000126	date:	2016-08-04T00:00:00
db:	CNNVD	id:	CNNVD-201607-960	date:	2021-05-18T00:00:00
db:	NVD	id:	CVE-2016-4834	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-93653	date:	2016-08-01T00:00:00
db:	VULMON	id:	CVE-2016-4834	date:	2016-08-01T00:00:00
db:	BID	id:	92076	date:	2016-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2016-000126	date:	2016-07-20T00:00:00
db:	CNNVD	id:	CNNVD-201607-960	date:	2016-07-27T00:00:00
db:	NVD	id:	CVE-2016-4834	date:	2016-08-01T02:59:14.620