Skip to content

Fix data disclosure on organization endpoints#4837

Merged
dani-garcia merged 1 commit intodani-garcia:mainfrom
BlackDex:org-fixes
Aug 11, 2024
Merged

Fix data disclosure on organization endpoints#4837
dani-garcia merged 1 commit intodani-garcia:mainfrom
BlackDex:org-fixes

Conversation

@BlackDex
Copy link
Collaborator

@BlackDex BlackDex commented Aug 11, 2024

  • All users were able to request organizational details from any org, even if they were not a member (anymore). Now it will check if that user is a member of the org or not.
  • The /organization/<uuid>/keys endpoint returned also the private keys. This should not be the case. Also, according to the upstream server code the endpoint changed, but the clients do not seem to use it. I added it anyway just in case they will in the future.
  • Also require a valid login before being able to retreve those org keys. Upstream does not do this, but i see no reason why not.

Fixes: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39925

@BlackDex
Fix data disclosure on organization endpoints
44f88cc 
- All users were able to request organizational details from any org,
  even if they were not a member (anymore).
  Now it will check if that user is a member of the org or not.
- The `/organization/<uuid>/keys` endpoint returned also the private keys.
  This should not be the case. Also, according to the upstream server
  code the endpoint changed, but the clients do not seem to use it.
  I added it anyway just in case they will in the future.
- Also require a valid login before being able to retreve those org
  keys. Upstream does not do this, but i see no reason why not.

Fixes: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39925
@BlackDex BlackDex requested a review from dani-garcia August 11, 2024 17:35
@dani-garcia dani-garcia merged commit b557c11 into dani-garcia:main Aug 11, 2024
@BlackDex BlackDex deleted the org-fixes branch August 11, 2024 18:11
truecharts-admin referenced this pull request in trueforge-org/truecharts Aug 12, 2024
@truecharts-admin
chore(deps): update container image docker.io/vaultwarden/server to v…
54290a5 
…1.32.0@71668d2 by renovate (#25023)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/vaultwarden/server](https://github.com/dani-garcia/vaultwarden)
| minor | `1.31.0` -> `1.32.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>dani-garcia/vaultwarden
(docker.io/vaultwarden/server)</summary>

###
[`v1.32.0`](https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0)

[Compare
Source](https://github.com/dani-garcia/vaultwarden/compare/1.31.0...1.32.0)

#### Security Fixes

This release has several CVE Reports fixed and we recommend everybody to
update to the latest version as soon as possible.

-
[CVE-2024-39924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39924)
Fixed via
[#&#8203;4715](https://github.com/dani-garcia/vaultwarden/issues/4715)
-
[CVE-2024-39925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39925)
Fixed via
[#&#8203;4837](https://github.com/dani-garcia/vaultwarden/issues/4837)
-
[CVE-2024-39926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39926)
Fixed via
[#&#8203;4737](https://github.com/dani-garcia/vaultwarden/issues/4737)

#### Other changes

-   Updated web-vault to v2024.6.2
- Fixed issues with password reset enrollment by rolling back a
web-vault commit

#### What's Changed

- use a custom plan of enterprise tier to fix limits by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4726](https://github.com/dani-garcia/vaultwarden/pull/4726)
- chore: Dockerfile to Remove port 3012 by
[@&#8203;calvin-li-developer](https://github.com/calvin-li-developer)
in
[https://github.com/dani-garcia/vaultwarden/pull/4725](https://github.com/dani-garcia/vaultwarden/pull/4725)
- Fix bug where secureNotes is empty by
[@&#8203;cobyge](https://github.com/cobyge) in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://github.com/dani-garcia/vaultwarden/pull/4730)
- Improved HTTP client by
[@&#8203;dani-garcia](https://github.com/dani-garcia) in
[https://github.com/dani-garcia/vaultwarden/pull/4740](https://github.com/dani-garcia/vaultwarden/pull/4740)
- Update admin interface by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4737](https://github.com/dani-garcia/vaultwarden/pull/4737)
- Fix for RSA Keys which are read only by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4744](https://github.com/dani-garcia/vaultwarden/pull/4744)
- Fix Email 2FA login on native app by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4762](https://github.com/dani-garcia/vaultwarden/pull/4762)
- Update crates & fix crate vulnerability by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4771](https://github.com/dani-garcia/vaultwarden/pull/4771)
- Fix Dockerfile linter warnings by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4763](https://github.com/dani-garcia/vaultwarden/pull/4763)
- allow re-invitations of existing users by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4768](https://github.com/dani-garcia/vaultwarden/pull/4768)
- Allow to override log level for specific target by
[@&#8203;Timshel](https://github.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4305](https://github.com/dani-garcia/vaultwarden/pull/4305)
- Add support for MFA with Duo's Universal Prompt by
[@&#8203;0x0fbc](https://github.com/0x0fbc) in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://github.com/dani-garcia/vaultwarden/pull/4637)
- Allow to increase the note size to 100\_000 by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4772](https://github.com/dani-garcia/vaultwarden/pull/4772)
- Update Rust, Crates and GHA by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4783](https://github.com/dani-garcia/vaultwarden/pull/4783)
- Duo: use the formatted db email by
[@&#8203;Timshel](https://github.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4779](https://github.com/dani-garcia/vaultwarden/pull/4779)
- Update rust-toolchain.toml to 1.80.0 by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4784](https://github.com/dani-garcia/vaultwarden/pull/4784)
- fix issue with adding ciphers to organizations on native ios app by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4800](https://github.com/dani-garcia/vaultwarden/pull/4800)
- Rewrite the Push Notifications section in the configuration template
by [@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4805](https://github.com/dani-garcia/vaultwarden/pull/4805)
- Secure send file uploads by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4810](https://github.com/dani-garcia/vaultwarden/pull/4810)
- make access_all optional by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4812](https://github.com/dani-garcia/vaultwarden/pull/4812)
- Remove lowercase conversion for featureStates by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4820](https://github.com/dani-garcia/vaultwarden/pull/4820)
- Fix mail::send_incomplete\_2fa_login panic issue by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4792](https://github.com/dani-garcia/vaultwarden/pull/4792)
- Update crates, web-vault and fixes by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4823](https://github.com/dani-garcia/vaultwarden/pull/4823)
- Updated web-vault to v2024.6.2b by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4826](https://github.com/dani-garcia/vaultwarden/pull/4826)
- Update Rust to 1.80.1 by [@&#8203;dfunkt](https://github.com/dfunkt)
in
[https://github.com/dani-garcia/vaultwarden/pull/4831](https://github.com/dani-garcia/vaultwarden/pull/4831)
- Fix data disclosure on organization endpoints by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4837](https://github.com/dani-garcia/vaultwarden/pull/4837)

#### New Contributors

- [@&#8203;cobyge](https://github.com/cobyge) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://github.com/dani-garcia/vaultwarden/pull/4730)
- [@&#8203;0x0fbc](https://github.com/0x0fbc) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://github.com/dani-garcia/vaultwarden/pull/4637)

**Full Changelog**:
dani-garcia/vaultwarden@1.31.0...1.32.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNS4wIiwidXBkYXRlZEluVmVyIjoiMzguMjUuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhdXRvbWVyZ2UiLCJ1cGRhdGUvZG9ja2VyL2dlbmVyYWwvbm9uLW1ham9yIl19-->
@SuperSandro2000 SuperSandro2000 mentioned this pull request Aug 12, 2024
Merged
13 tasks
renovate bot referenced this pull request in NorkzYT/Wolflith Aug 15, 2024
@renovate
chore(deps): update vaultwarden/server docker tag to v1.32.0 (#816)
78a35cf 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [vaultwarden/server](https://github.com/dani-garcia/vaultwarden) |
minor | `1.31.0` -> `1.32.0` |

---

### Release Notes

<details>
<summary>dani-garcia/vaultwarden (vaultwarden/server)</summary>

###
[`v1.32.0`](https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0)

[Compare
Source](https://github.com/dani-garcia/vaultwarden/compare/1.31.0...1.32.0)

#### Security Fixes

This release has several CVE Reports fixed and we recommend everybody to
update to the latest version as soon as possible.

-
[CVE-2024-39924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39924)
Fixed via
[#&#8203;4715](https://github.com/dani-garcia/vaultwarden/issues/4715)
-
[CVE-2024-39925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39925)
Fixed via
[#&#8203;4837](https://github.com/dani-garcia/vaultwarden/issues/4837)
-
[CVE-2024-39926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39926)
Fixed via
[#&#8203;4737](https://github.com/dani-garcia/vaultwarden/issues/4737)

#### Other changes

-   Updated web-vault to v2024.6.2
- Fixed issues with password reset enrollment by rolling back a
web-vault commit

#### What's Changed

- use a custom plan of enterprise tier to fix limits by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4726](https://github.com/dani-garcia/vaultwarden/pull/4726)
- chore: Dockerfile to Remove port 3012 by
[@&#8203;calvin-li-developer](https://github.com/calvin-li-developer)
in
[https://github.com/dani-garcia/vaultwarden/pull/4725](https://github.com/dani-garcia/vaultwarden/pull/4725)
- Fix bug where secureNotes is empty by
[@&#8203;cobyge](https://github.com/cobyge) in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://github.com/dani-garcia/vaultwarden/pull/4730)
- Improved HTTP client by
[@&#8203;dani-garcia](https://github.com/dani-garcia) in
[https://github.com/dani-garcia/vaultwarden/pull/4740](https://github.com/dani-garcia/vaultwarden/pull/4740)
- Update admin interface by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4737](https://github.com/dani-garcia/vaultwarden/pull/4737)
- Fix for RSA Keys which are read only by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4744](https://github.com/dani-garcia/vaultwarden/pull/4744)
- Fix Email 2FA login on native app by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4762](https://github.com/dani-garcia/vaultwarden/pull/4762)
- Update crates & fix crate vulnerability by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4771](https://github.com/dani-garcia/vaultwarden/pull/4771)
- Fix Dockerfile linter warnings by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4763](https://github.com/dani-garcia/vaultwarden/pull/4763)
- allow re-invitations of existing users by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4768](https://github.com/dani-garcia/vaultwarden/pull/4768)
- Allow to override log level for specific target by
[@&#8203;Timshel](https://github.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4305](https://github.com/dani-garcia/vaultwarden/pull/4305)
- Add support for MFA with Duo's Universal Prompt by
[@&#8203;0x0fbc](https://github.com/0x0fbc) in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://github.com/dani-garcia/vaultwarden/pull/4637)
- Allow to increase the note size to 100\_000 by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4772](https://github.com/dani-garcia/vaultwarden/pull/4772)
- Update Rust, Crates and GHA by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4783](https://github.com/dani-garcia/vaultwarden/pull/4783)
- Duo: use the formatted db email by
[@&#8203;Timshel](https://github.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4779](https://github.com/dani-garcia/vaultwarden/pull/4779)
- Update rust-toolchain.toml to 1.80.0 by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4784](https://github.com/dani-garcia/vaultwarden/pull/4784)
- fix issue with adding ciphers to organizations on native ios app by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4800](https://github.com/dani-garcia/vaultwarden/pull/4800)
- Rewrite the Push Notifications section in the configuration template
by [@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4805](https://github.com/dani-garcia/vaultwarden/pull/4805)
- Secure send file uploads by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4810](https://github.com/dani-garcia/vaultwarden/pull/4810)
- make access_all optional by
[@&#8203;stefan0xC](https://github.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4812](https://github.com/dani-garcia/vaultwarden/pull/4812)
- Remove lowercase conversion for featureStates by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4820](https://github.com/dani-garcia/vaultwarden/pull/4820)
- Fix mail::send_incomplete\_2fa_login panic issue by
[@&#8203;dfunkt](https://github.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4792](https://github.com/dani-garcia/vaultwarden/pull/4792)
- Update crates, web-vault and fixes by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4823](https://github.com/dani-garcia/vaultwarden/pull/4823)
- Updated web-vault to v2024.6.2b by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4826](https://github.com/dani-garcia/vaultwarden/pull/4826)
- Update Rust to 1.80.1 by [@&#8203;dfunkt](https://github.com/dfunkt)
in
[https://github.com/dani-garcia/vaultwarden/pull/4831](https://github.com/dani-garcia/vaultwarden/pull/4831)
- Fix data disclosure on organization endpoints by
[@&#8203;BlackDex](https://github.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4837](https://github.com/dani-garcia/vaultwarden/pull/4837)

#### New Contributors

- [@&#8203;cobyge](https://github.com/cobyge) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://github.com/dani-garcia/vaultwarden/pull/4730)
- [@&#8203;0x0fbc](https://github.com/0x0fbc) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://github.com/dani-garcia/vaultwarden/pull/4637)

**Full Changelog**:
dani-garcia/vaultwarden@1.31.0...1.32.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 10pm every weekday,every
weekend,before 5am every weekday" in timezone America/New_York,
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job log](https://developer.mend.io/github/NorkzYT/Wolflith).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguMjYuMSIsInRhcmdldEJyYW5jaCI6InN0YWdpbmciLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIiwibWlub3IiLCJyZW5vdmF0ZSJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot mentioned this pull request Aug 4, 2025
Open
1 task
@renovate renovate bot mentioned this pull request Aug 13, 2025
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dani-garcia dani-garcia dani-garcia approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BlackDex @dani-garcia