Lucene search

GitHub_MCVELIST:CVE-2023-39967

HistorySep 06, 2023 - 8:40 p.m.

CVE-2023-39967 Full read and controlled SSRF through URL parameter when testing a request inside wiremock-studio

2023-09-0620:40:43

CWE-918

GitHub_M

www.cve.org

cve-2023-39967

ssrf

wiremock studio

security vulnerability

discontinued product

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.5%

JSON

WireMock is a tool for mocking HTTP services. When certain request URLs like “@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded to an arbitrary service reachable from WireMock’s instance. There are 3 identified potential attack vectors: via “TestRequester” functionality, webhooks and the proxy mode. As we can control HTTP Method, HTTP Headers, HTTP Data, it allows sending requests with the default level of credentials for the WireMock instance. The vendor has discontinued the affected Wiremock studio product and there will be no fix. Users are advised to find alternatives.

CNA Affected

[
  {
    "vendor": "wiremock",
    "product": "wiremock",
    "versions": [
      {
        "version": "All versions",
        "status": "affected"
      }
    ]
  }
]

References

github.com/wiremock/wiremock/security/advisories/GHSA-676j-xrv3-73vc

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.5%

JSON

Related for CVELIST:CVE-2023-39967