CVE-2023-5183

🗓️ 26 Sep 2023 21:29:36Reported by IllumioType

Unsafe JSON deserialization allows code execution on Illumio PCE

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2023-5183	27 Sep 202318:46	–	circl
CNNVD	Illumio PCE Code Issue Vulnerability	27 Sep 202300:00	–	cnnvd
Cvelist	CVE-2023-5183 Authenticated RCE due to unsafe JSON deserialization	26 Sep 202321:29	–	cvelist
EUVD	EUVD-2023-57520	3 Oct 202520:07	–	euvd
NVD	CVE-2023-5183	27 Sep 202315:19	–	nvd
OSV	CVE-2023-5183	27 Sep 202315:19	–	osv
Prion	Deserialization of untrusted data	27 Sep 202315:19	–	prion
Positive Technologies	PT-2023-31897 · Illumio · Illumio Pce	26 Sep 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-5183 Authenticated RCE due to unsafe JSON deserialization	26 Sep 202321:29	–	vulnrichment

NVD

Node

illumio core_policy_compute_engineRange<19.3.7

illumio core_policy_compute_engineRange21.2.0–21.2.8

illumio core_policy_compute_engineRange21.5.0–21.5.36

illumio core_policy_compute_engineRange22.2.0–22.2.42

illumio core_policy_compute_engineRange22.5.0–22.5.31

illumio core_policy_compute_engineRange23.2.0–23.2.11

[
  {
    "defaultStatus": "affected",
    "modules": [
      "PCE"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Core PCE",
    "vendor": "Illumio",
    "versions": [
      {
        "lessThanOrEqual": "19.3.6",
        "status": "affected",
        "version": "19.3.0",
        "versionType": "release train"
      },
      {
        "lessThanOrEqual": "21.2.7",
        "status": "affected",
        "version": "21.2.0",
        "versionType": "release train"
      },
      {
        "lessThanOrEqual": "21.5.35",
        "status": "affected",
        "version": "21.5.0",
        "versionType": "release train"
      },
      {
        "lessThanOrEqual": "22.2.41",
        "status": "affected",
        "version": "22.2.0",
        "versionType": "release train"
      },
      {
        "lessThanOrEqual": "22.5.30",
        "status": "affected",
        "version": "22.5.0",
        "versionType": "release train"
      },
      {
        "lessThanOrEqual": "23.2.10",
        "status": "affected",
        "version": "23.2.0",
        "versionType": "release train"
      }
    ]
  }
]

Source	Link
docs	www.docs.illumio.com/Guides/security-advisories/september-2023/cve-2023-5183.htm

21 Nov 2024 08:41Current

9.3High risk

Vulners AI Score9.3

CVSS 3.18.8 - 9.9

EPSS0.006

SSVC

CWE-502