CVE-2024-13200
Published: 09 January 2025
Summary
CVE-2024-13200 is a high-severity Incorrect Privilege Assignment (CWE-266) vulnerability in Wander-Chu Springboot-Blog. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 23.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces approved authorizations for access to system resources, directly addressing the improper access controls in the BaseInterceptor's preHandle function for HTTP POST requests.
Applies least privilege to restrict unauthorized access, mitigating exploitation of the access control bypass in the vulnerable HTTP POST handler.
Validates inputs to HTTP POST requests, preventing manipulative payloads that exploit the improper access controls in the interceptor.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is an improper access control (permission bypass) in a public-facing SpringBoot-Blog application, allowing remote unauthenticated attackers to send HTTP POST requests that bypass login and modify website content. This enables T1190 (Exploit Public-Facing Application) for initial access and T1068 (Exploitation for Privilege Escalation) as explicitly mapped in the advisory.
NVD Description
A vulnerability, which was classified as critical, was found in wander-chu SpringBoot-Blog 1.0. This affects the function preHandle of the file src/main/java/com/my/blog/website/interceptor/BaseInterceptor.java of the component HTTP POST Request Handler. The manipulation leads to improper access controls. It is possible to…
more
initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Deeper analysisAI
CVE-2024-13200 is a critical vulnerability involving improper access controls in the wander-chu SpringBoot-Blog version 1.0. It affects the preHandle function within the file src/main/java/com/my/blog/website/interceptor/BaseInterceptor.java, part of the HTTP POST Request Handler component. The issue, linked to CWE-266 and CWE-284, allows manipulation that bypasses access restrictions.
The vulnerability can be exploited remotely by unauthenticated attackers with network access, requiring low complexity and no user interaction, as indicated by its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Successful exploitation grants low-level impacts on confidentiality, integrity, and availability.
Advisories from sources including VulDB and GitHub issues for the SpringBoot-Blog repository detail the vulnerability and note that the vendor was contacted early regarding disclosure but provided no response. No patches or mitigations are mentioned in the available information.
The exploit has been publicly disclosed and may be actively used, with references available on GitHub and VulDB.
Details
- CWE(s)