VYPR
High severity · NVD Advisory · Published Aug 3, 2023 · Updated Oct 10, 2024

Missing Authorization in answerdev/answer

CVE-2023-4124

Description

Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In answerdev/answer before v1.1.1, missing authorization checks allow unauthorized users to access privileged functions.

Vulnerability

CVE-2023-4124 is a missing authorization vulnerability in the Answer Q&A platform (answerdev/answer) prior to version 1.1.1. The application failed to enforce proper access controls on certain endpoints, leaving critical operations unprotected. The root cause was the absence of default privilege configuration initialization, which led to inconsistent authorization checks [1][4].
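A reduced model of the mechanism described above, added here as an illustration and not code from the answerdev/answer project: the pre-fix migration seeded rank.tag.add at 1, so a rank gate admitted any rank-1 user until the new initDefaultRankPrivileges step overwrote the seeded rows with the values of a chosen privilege level. The demoOptions table and the meaning of a -1 threshold are assumptions made for the example.

```go
package main
// Types mirror the patch's siteinfo_schema.go; PrivilegeOption is a constructed stand-in.
type PrivilegeLevel int
type PrivilegeOption struct {
	Level      PrivilegeLevel
	Privileges map[string]int // config key -> minimum rank required
}
type PrivilegeOptions []*PrivilegeOption

// Choose returns the option for a level, or nil when none matches (as in the patch).
func (p PrivilegeOptions) Choose(level PrivilegeLevel) *PrivilegeOption {
	for _, op := range p {
		if op.Level == level {
			return op
		}
	}
	return nil
}

// seedConfig is the rank.tag.* rows as the pre-fix migration seeded them
// (values from the init_data.go hunk): adding a tag needed only rank 1.
func seedConfig() map[string]int {
	return map[string]int{"rank.tag.add": 1, "rank.tag.edit": 100, "rank.tag.delete": -1}
}

// demoOptions is constructed sample data, not the project's real table; its
// level-2 rank.tag.add threshold is the value the patched seed now uses (1500).
func demoOptions() PrivilegeOptions {
	return PrivilegeOptions{{Level: 2, Privileges: map[string]int{"rank.tag.add": 1500}}}
}

// applyDefaults does what initDefaultRankPrivileges does at install time:
// overwrite the seeded rows with the chosen level. False means unknown level.
func applyDefaults(cfg map[string]int, opts PrivilegeOptions, level PrivilegeLevel) bool {
	op := opts.Choose(level)
	if op == nil {
		return false
	}
	for k, v := range op.Privileges {
		cfg[k] = v
	}
	return true
}

// allowed is the rank gate; assumed semantics: -1 is never met by rank alone, else rank >= threshold.
func allowed(cfg map[string]int, key string, userRank int) bool {
	t, ok := cfg[key]
	return ok && t >= 0 && userRank >= t
}
```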

Exploitation

An attacker can exploit this by sending specially crafted requests to privileged endpoints without authentication or with a low-privileged session. No special network position is required, as the endpoints are exposed via the web interface. The missing checks affect operations such as site configuration, user management, and content modification that should be restricted to administrators [1][2].

Impact

Successful exploitation can result in unauthorized access to sensitive data, privilege escalation, and full compromise of the Answer instance. An attacker may alter site settings, delete content, or gain administrative control, potentially affecting all users of the platform [4].

Mitigation

The vulnerability is patched in version 1.1.1 (commit 964195f). Users should upgrade immediately. No workarounds have been documented [1][3].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: github.com/answerdev/answer (Go)
Affected versions: < 1.1.1
Patched versions: 1.1.1

Affected products: 2

Patches: 1

964195fd859e

feat(init): set default privileges when init

https://github.com/answerdev/answer · LinkinStars · Jul 4, 2023 · via ghsa
5 files changed · +43 −10
  • internal/migrations/init_data.go (+1 −1, modified)
    @@ -232,7 +232,7 @@ var (
     		{ID: 48, Key: "rank.comment.edit", Value: `-1`},
     		{ID: 49, Key: "rank.comment.delete", Value: `-1`},
     		{ID: 50, Key: "rank.report.add", Value: `1`},
    -		{ID: 51, Key: "rank.tag.add", Value: `1`},
    +		{ID: 51, Key: "rank.tag.add", Value: `1500`},
     		{ID: 52, Key: "rank.tag.edit", Value: `100`},
     		{ID: 53, Key: "rank.tag.delete", Value: `-1`},
     		{ID: 54, Key: "rank.tag.synonym", Value: `20000`},
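    Review bot: the same one-line change to rank.tag.add is repeated in internal/migrations/v3.go below, so the seed table now exists in two copies that must stay identical; a short comment on this row pointing at the other copy, or a shared variable for the table, would reduce the chance of the two drifting apart again.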
    
  • internal/migrations/init.go (+29 −0, modified)
    @@ -4,6 +4,8 @@ import (
     	"context"
     	"encoding/json"
     	"fmt"
    +	"github.com/answerdev/answer/internal/schema"
    +	"github.com/segmentfault/pacman/log"
     
     	"github.com/answerdev/answer/internal/entity"
     	"golang.org/x/crypto/bcrypt"
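    Review bot: style: the two new imports are placed in the standard-library group above the blank line, while the existing third-party imports (internal/entity, golang.org/x/crypto/bcrypt) sit in the group below; move github.com/answerdev/answer/internal/schema and github.com/segmentfault/pacman/log into the second group so the goimports grouping stays consistent.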
    @@ -38,6 +40,7 @@ func (m *Mentor) InitDB() error {
     	m.do("init version table", m.initVersionTable)
     	m.do("init admin user", m.initAdminUser)
     	m.do("init config", m.initConfig)
    +	m.do("init default privileges config", m.initDefaultRankPrivileges)
     	m.do("init role", m.initRole)
     	m.do("init power", m.initPower)
     	m.do("init role power rel", m.initRolePowerRel)
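    Review bot: the new step depends on running after "init config", because initDefaultRankPrivileges (further down in this file) updates config rows that initConfig inserts; a comment on this line recording that ordering would keep a later reorder of InitDB from silently leaving the seed values in place.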
    @@ -48,6 +51,7 @@ func (m *Mentor) InitDB() error {
     	m.do("init site info theme config", m.initSiteInfoThemeConfig)
     	m.do("init site info seo config", m.initSiteInfoSEOConfig)
     	m.do("init site info user config", m.initSiteInfoUsersConfig)
    +	m.do("init site info privilege rank", m.initSiteInfoPrivilegeRank)
     	return m.err
     }
     
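    Review bot: both new InitDB steps hard-code schema.PrivilegeLevel2 independently (initSiteInfoPrivilegeRank here, initDefaultRankPrivileges earlier); a single named default-level constant referenced by both would guarantee that the level recorded in site_info always matches the rank values that were actually applied to the config table.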
    @@ -95,6 +99,19 @@ func (m *Mentor) initConfig() {
     	_, m.err = m.engine.Context(m.ctx).Insert(defaultConfigTable)
     }
     
    +func (m *Mentor) initDefaultRankPrivileges() {
    +	chooseOption := schema.DefaultPrivilegeOptions.Choose(schema.PrivilegeLevel2)
    +	for _, privilege := range chooseOption.Privileges {
    +		_, err := m.engine.Context(m.ctx).Update(
    +			&entity.Config{Value: fmt.Sprintf("%d", privilege.Value)},
    +			&entity.Config{Key: privilege.Key},
    +		)
    +		if err != nil {
    +			log.Error(err)
    +		}
    +	}
    +}
    +
     func (m *Mentor) initRole() {
     	_, m.err = m.engine.Context(m.ctx).Insert(roles)
     }
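    Review bot: missing nil check in initDefaultRankPrivileges: Choose returns nil when no option has the requested level, and the range over chooseOption.Privileges would then panic during InitDB. The Update errors are also only logged, never assigned to m.err, so InitDB reports success even when none of the privilege rows were rewritten, which is exactly the state this fix is meant to prevent; suggest `if chooseOption == nil { m.err = fmt.Errorf("privilege level %d not found", schema.PrivilegeLevel2); return }` before the loop and `m.err = err; return` inside it, matching how the sibling init functions propagate errors.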
    @@ -192,3 +209,15 @@ func (m *Mentor) initSiteInfoUsersConfig() {
     		Status:  1,
     	})
     }
    +
    +func (m *Mentor) initSiteInfoPrivilegeRank() {
    +	privilegeRankData := map[string]interface{}{
    +		"level": schema.PrivilegeLevel2,
    +	}
    +	privilegeRankDataBytes, _ := json.Marshal(privilegeRankData)
    +	_, m.err = m.engine.Context(m.ctx).Insert(&entity.SiteInfo{
    +		Type:    "privileges",
    +		Content: string(privilegeRankDataBytes),
    +		Status:  1,
    +	})
    +}
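    Review bot: the json.Marshal error is discarded with `_`; with a one-entry map[string]interface{} it cannot realistically fail, but assigning it to m.err keeps the function consistent with its siblings at no cost. The "privileges" type string is a bare literal; if a constant for this site_info type exists alongside the other types used by initSiteInfo* functions, prefer it so the reader and writer of this row cannot disagree on the key.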
    
  • internal/migrations/v3.go (+1 −1, modified)
    @@ -117,7 +117,7 @@ ON "question" (
     		{ID: 48, Key: "rank.comment.edit", Value: `-1`},
     		{ID: 49, Key: "rank.comment.delete", Value: `-1`},
     		{ID: 50, Key: "rank.report.add", Value: `1`},
    -		{ID: 51, Key: "rank.tag.add", Value: `1`},
    +		{ID: 51, Key: "rank.tag.add", Value: `1500`},
     		{ID: 52, Key: "rank.tag.edit", Value: `100`},
     		{ID: 53, Key: "rank.tag.delete", Value: `-1`},
     		{ID: 54, Key: "rank.tag.synonym", Value: `20000`},
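    Review bot: this edits the seed used by the v3 migration, which is worth confirming only affects installs that have not yet run v3; deployments that already ran it presumably keep rank.tag.add = 1 in their config table unless a later migration rewrites the row, since initDefaultRankPrivileges runs from InitDB on fresh installs. The commit message should state whether existing deployments need a separate migration to receive the new default.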
    
  • internal/schema/siteinfo_schema.go (+11 −1, modified)
    @@ -265,6 +265,16 @@ const (
     )
     
     type PrivilegeLevel int
    +type PrivilegeOptions []*PrivilegeOption
    +
    +func (p PrivilegeOptions) Choose(level PrivilegeLevel) (option *PrivilegeOption) {
    +	for _, op := range p {
    +		if op.Level == level {
    +			return op
    +		}
    +	}
    +	return nil
    +}
     
     // GetPrivilegesConfigResp get privileges config response
     type GetPrivilegesConfigResp struct {
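    Review bot: the named return `option` in Choose is never used (the body returns `op` and `nil` explicitly), so the signature can be the plain `(*PrivilegeOption)`; a doc comment stating that nil is returned for an unknown level would also help, since both new call sites need to handle that case.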
    @@ -285,7 +295,7 @@ type UpdatePrivilegesConfigReq struct {
     }
     
     var (
    -	DefaultPrivilegeOptions      []*PrivilegeOption
    +	DefaultPrivilegeOptions      PrivilegeOptions
     	privilegeOptionsLevelMapping = map[string][]int{
     		constant.RankQuestionAddKey:               {1, 1, 1},
     		constant.RankAnswerAddKey:                 {1, 1, 1},
    
  • internal/service/siteinfo/siteinfo_service.go (+1 −7, modified)
    @@ -322,13 +322,7 @@ func (s *SiteInfoService) translatePrivilegeOptions(ctx context.Context) (option
     }
     
     func (s *SiteInfoService) UpdatePrivilegesConfig(ctx context.Context, req *schema.UpdatePrivilegesConfigReq) (err error) {
    -	var chooseOption *schema.PrivilegeOption
    -	for _, option := range schema.DefaultPrivilegeOptions {
    -		if option.Level == req.Level {
    -			chooseOption = option
    -			break
    -		}
    -	}
    +	chooseOption := schema.DefaultPrivilegeOptions.Choose(req.Level)
     	if chooseOption == nil {
     		return nil
     	}
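    Review bot: the refactor preserves the old behaviour, including the early `return nil` when the level is unknown, which means an UpdatePrivilegesConfig request with an invalid req.Level is reported as success with no change applied; returning an error here (or rejecting the level during request validation) would make that failure visible to the admin UI instead of silently ignoring it.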
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 4
