
CVE-2022-34112: Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin

CVSS Score: 6.5 (CVSS v3.1)

Basic Information

EPSS Score: 0.18825%
Published: 7/23/2022
Updated: 1/30/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Package Name                        | Ecosystem | Vulnerable Versions | First Patched Version
io.dataease:dataease-plugin-common  | maven     | <= 1.11.1           | 1.11.2

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from missing Shiro permission checks in the plugin uninstall handler. The fix commit shows: 1) Addition of @RequiresPermissions("plugin:uninstall") to the unInstall method, 2) Database migration adding 'plugin:uninstall' permission entries, and 3) Frontend permission checks. Before 1.11.2, the absence of these controls let non-admin users execute privileged plugin operations via direct API access, matching the CWE-732 (incorrect permission assignment) description.
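An added illustration of the fix pattern described above, written for this page and not taken from DataEase's code base: a Spring REST handler in the shape of the pre-1.11.2 uninstall endpoint, with the Shiro @RequiresPermissions("plugin:uninstall") guard the fix introduced. The class name, the PluginService interface, the path variable and the explicit checkPermission call are assumptions; only the route prefix, the method name unInstall and the permission string come from the page.

```java
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/api/plugin")
public class PluginController {  // hypothetical name, not DataEase's class

    private final PluginService pluginService;  // hypothetical service

    public PluginController(PluginService pluginService) {
        this.pluginService = pluginService;
    }

    // Pre-1.11.2 shape: the mapping below existed with no authorization
    // annotation, so any authenticated user (PR:L in the CVSS vector) who
    // reached the endpoint could trigger an uninstall. The fix adds the
    // @RequiresPermissions line; Shiro's AOP advisor then throws an
    // AuthorizationException before the body runs unless the current
    // subject holds "plugin:uninstall".
    @RequiresPermissions("plugin:uninstall")
    @PostMapping("/uninstall/{pluginId}")
    public boolean unInstall(@PathVariable("pluginId") Long pluginId) {
        // The annotation only takes effect when Shiro's
        // AuthorizationAttributeSourceAdvisor is registered for Spring
        // beans. An explicit in-method check (assumed here, not in the
        // page's fix) guards the operation even if that wiring is missing.
        SecurityUtils.getSubject().checkPermission("plugin:uninstall");
        return pluginService.uninstall(pluginId);
    }
}

// Hypothetical service boundary; the real project wires its own.
interface PluginService {
    boolean uninstall(Long pluginId);
}
```

The permission string must also exist in the permission table and be granted to the administrator role, which is what the fix's database migration does; an annotation referencing a permission that no role holds would lock the endpoint for everyone.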


WAF Protection Rules

WAF Rule

An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator. Version 1.11.2 contains a patch for this issue.
