Miggo Logo
Miggo Vulnerability Database
CVE-2024-24751

CVE-2024-24751: derhansen/sf_event_mgt vulnerable to Broken Access Control in Backend Module

4.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2024-24751
GHSA ID
GHSA-4576-pgh2-g34j
EPSS Score
0.5427%
CWE
CWE-284
Published
2/13/2024
Updated
10/18/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
derhansen/sf_event_mgtcomposer>= 7.0.0, < 7.4.07.4.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the fact that checkEventAccess() in the affected versions called $this->redirect('list') but did not return the RedirectResponse. Controller actions like exportAction, indexNotifyAction, and notifyAction relied on checkEventAccess to enforce access control but continued execution even when a redirect was triggered. The commit diff explicitly modifies these functions to check the return value of checkEventAccess and return the redirect, confirming their role in the vulnerability. The CVE description and patch context directly link the unhandled RedirectResponse to these functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** *xistin* ****ss *ontrol ****k *or *v*nts in t** ***k*n* mo*ul* *ot *rok*n *urin* t** up**t* o* t** *xt*nsion to TYPO* **.*, ****us* t** `R**ir**tR*spons*` *rom t** `$t*is->r**ir**t()` *un*tion w*s n*v*r **n*l**.

Reasoning

T** vuln*r**ility st*ms *rom t** ***t t**t `****k*v*nt****ss()` in t** *****t** v*rsions **ll** $t*is->r**ir**t('list') *ut *i* not r*turn t** `R**ir**tR*spons*`. *ontroll*r **tions lik* `*xport**tion`, `in**xNoti*y**tion`, *n* `noti*y**tion` r*li**