Lucene search

GitHub_MCVELIST:CVE-2023-41894

HistoryOct 19, 2023 - 11:23 p.m.

CVE-2023-41894 Local-only webhooks externally accessible via SniTun in Home Assistant Core

2023-10-1923:23:17

CWE-669

GitHub_M

www.cve.org

vulnerability

home assistant core

webhooks

snitun

open source

authentication

127.0.0.1

upgrade

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Home assistant is an open source home automation. The assessment verified that webhooks available in the webhook component are triggerable via the *.ui.nabu.casa URL without authentication, even when the webhook is marked as Only accessible from the local network. This issue is facilitated by the SniTun proxy, which sets the source address to 127.0.0.1 on all requests sent to the public URL and forwarded to the local Home Assistant. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CNA Affected

[
  {
    "vendor": "home-assistant",
    "product": "core",
    "versions": [
      {
        "version": "< 2023.9.0",
        "status": "affected"
      }
    ]
  }
]

References

github.com/home-assistant/core/security/advisories/GHSA-wx3j-3v2j-rf45

www.home-assistant.io/blog/2023/10/19/security-audits-of-home-assistant/

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVELIST:CVE-2023-41894