6.5

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-65pc-76pq-pvf5

EPSS Score

CWE

Published

4/4/2024

Updated

4/5/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-65pc-76pq-pvf5

GHSA-65pc-76pq-pvf5: Duplicate Advisory: Pebble service manager's file pull API allows access by any user

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-4685-2x5r-65pj. This link is maintained to preserve external references.

Original Description

It was discovered that Pebble's read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2, and v1.7.4.

(GitHub Advisory)

6.5

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-65pc-76pq-pvf5

EPSS Score

CWE

Published

4/4/2024

Updated

4/5/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/canonical/pebble	go	< 1.1.1	1.1.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability centers around Pebble's file read API endpoint (GET /v1/files?action=read) and its corresponding CLI command. Analysis of advisory details shows:

The core issue was missing authorization checks in the API handler (serveRead) that should have restricted access to admin users
The cmdPull command directly interacts with this vulnerable API
Security patches added user authorization validation in these components
Runtime exploitation would show these functions in call stacks when unprivileged users access protected files
Function names follow Go's package structure conventions observed in Pebble's codebase

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

## *upli**t* **visory T*is **visory **s ***n wit**r*wn ****us* it is * *upli**t* o* **S*-****-*x*r-**pj. T*is link is m*int*in** to pr*s*rv* *xt*rn*l r***r*n**s. ## Ori*in*l **s*ription It w*s *is*ov*r** t**t P***l*'s r***-*il* *PI *n* t** *sso*i*t*

Reasoning

T** vuln*r**ility **nt*rs *roun* P***l*'s *il* r*** *PI *n*point (**T /v*/*il*s?**tion=r***) *n* its *orr*spon*in* *LI *omm*n*. *n*lysis o* **visory **t*ils s*ows: *. T** *or* issu* w*s missin* *ut*oriz*tion ****ks in t** *PI **n*l*r (s*rv*R***) t**t

6.5

Basic Information

Concerned about an active attack path?

GHSA-65pc-76pq-pvf5: Duplicate Advisory: Pebble service manager's file pull API allows access by any user

Duplicate Advisory

Original Description

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI