CVE-2022-29585

7.5 HIGH

📋 TL;DR

This vulnerability in Mahara's Isolated Institutions feature allows users to see groups from other institutions beyond the first page of group results, violating intended isolation. It affects Mahara sites using Isolated Institutions with more than ten groups. The issue is an information disclosure vulnerability.

💻 Affected Systems

Products:
  • Mahara
Versions: before 20.10.5, 21.04.4, 21.10.2, and 22.04.0
Operating Systems: All
Default Config Vulnerable: ✅ No
Notes: Only affects sites using the Isolated Institutions feature with more than ten groups

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Unauthorized users could discover and potentially access groups from other isolated institutions, leading to data leakage and privacy violations.

🟠 Likely Case

Users can see group names and potentially metadata from other institutions they shouldn't have access to, violating institutional isolation policies.

🟢 If Mitigated

With proper access controls and monitoring, the impact is limited to information disclosure of group names rather than full data access.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access and navigating to the second or a later page of the group results.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 20.10.5, 21.04.4, 21.10.2, or 22.04.0

Vendor Advisory: https://mahara.org/interaction/forum/topic.php?id=9093

Restart Required: No

Instructions:

1. Back up your Mahara installation and database.
2. Download the appropriate patched version from mahara.org.
3. Replace the files with the patched version.
4. Run any database upgrade scripts if needed.

🔧 Temporary Workarounds

Limit groups per institution (applies to: all)

Keep each institution's groups under 10 to prevent the pagination issue.

Disable Isolated Institutions (applies to: all)

Turn off the Isolated Institutions feature if it is not required.

🧯 If You Can't Patch

  • Implement strict access controls and monitoring for group access patterns
  • Educate users about proper data handling and report any unexpected group visibility

🔍 How to Verify

Check if Vulnerable:

The site is vulnerable if the Isolated Institutions feature is enabled, more than ten groups exist, and the Mahara version is earlier than 20.10.5, 21.04.4, 21.10.2, or 22.04.0.

Check Version:

Check the Mahara admin panel or config.php for version information.

Verify Fix Applied:

After patching, verify that groups from other institutions no longer appear on the second and later pages of the group results.

📡 Detection & Monitoring

Log Indicators:

  • Unusual group access patterns, such as a single user viewing groups that belong to multiple institutions

Network Indicators:

  • Increased requests to group listing pages with pagination parameters

SIEM Query:

Search for GET requests to /group/* whose page parameter is 2 or higher, and correlate them with users who access groups from multiple institutions.
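An added example, not part of the original advisory, of the log search described above: it parses web server access-log lines (Apache combined format, with the authenticated username in the remote-user field), flags GET requests under /group/ whose page parameter is 2 or higher, and counts them per user. The sample lines, the /group/find.php path and the page parameter name are constructed assumptions; match them to the group-listing URL your deployment actually serves.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlparse

# Constructed sample access-log lines (not real Mahara logs).
SAMPLE_LOG = """\
203.0.113.5 - alice [10/May/2022:10:01:02 +0000] "GET /group/find.php?page=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - alice [10/May/2022:10:01:09 +0000] "GET /group/find.php?page=2 HTTP/1.1" 200 5011 "-" "Mozilla/5.0"
203.0.113.5 - alice [10/May/2022:10:01:15 +0000] "GET /group/find.php?page=3 HTTP/1.1" 200 4990 "-" "Mozilla/5.0"
198.51.100.7 - bob [10/May/2022:10:02:00 +0000] "GET /group/view.php?id=12 HTTP/1.1" 200 7001 "-" "Mozilla/5.0"
198.51.100.7 - bob [10/May/2022:10:02:30 +0000] "GET /view/index.php?page=4 HTTP/1.1" 200 3002 "-" "Mozilla/5.0"
198.51.100.9 - carol [10/May/2022:10:03:00 +0000] "POST /group/find.php?page=2 HTTP/1.1" 200 3002 "-" "Mozilla/5.0"
"""

# Apache combined log: host ident user [time] "METHOD target proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def is_paginated_group_listing(method, target, min_page=2):
    """True for a GET under /group/ whose page parameter is >= min_page."""
    if method != "GET":
        return False
    parsed = urlparse(target)
    if not parsed.path.startswith("/group/"):
        return False
    pages = parse_qs(parsed.query).get("page", [])
    try:
        return any(int(p) >= min_page for p in pages)
    except ValueError:  # non-numeric page value: not a pagination request
        return False


def find_paginated_group_requests(log_text, min_page=2):
    """Return (user, target) pairs for matching requests; skips malformed lines."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_paginated_group_listing(m["method"], m["target"], min_page):
            hits.append((m["user"], m["target"]))
    return hits


def count_by_user(hits):
    """Per-user count of paginated group-listing requests, for triage."""
    return Counter(user for user, _ in hits)


if __name__ == "__main__":
    matches = find_paginated_group_requests(SAMPLE_LOG)
    print(count_by_user(matches))  # Counter({'alice': 2})
```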

🔗 References