Lucene search

GitHub Advisory DatabaseGHSA-M5Q5-8MFW-P2HR

HistoryJul 17, 2023 - 2:40 p.m.

CasaOS contains weak JWT secrets

2023-07-1714:40:16

CWE-287

CWE-1391

GitHub Advisory Database

github.com

casaos

weak jwt

unauthenticated attackers

arbitrary commands

root access

security patch

version 0.4.4

workaround

software vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.036 Low

EPSS

Percentile

91.7%

JSON

Impact

Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as root on CasaOS instances.

Patches

The problem was addressed by improving the validation of JWTs in 705bf1f. This patch is part of CasaOS 0.4.4.

Workarounds

Users should upgrade to CasaOS 0.4.4. If they can’t, they should temporarily restrict access to CasaOS to untrusted users, for instance by not exposing it publicly.

References

Affected configurations

Vulners

Node

github.com\/icewhaletech\/casaosgatewayRange<0.4.4

CPENameOperatorVersion
github.com/icewhaletech/casaoslt0.4.4

CPE	Name	Operator	Version
	github.com/icewhaletech/casaos	lt	0.4.4

References

github.com/advisories/GHSA-m5q5-8mfw-p2hr

github.com/IceWhaleTech/CasaOS/commit/705bf1facbffd2ca40b159b0303132b6fdf657ad

github.com/IceWhaleTech/CasaOS/security/advisories/GHSA-m5q5-8mfw-p2hr

nvd.nist.gov/vuln/detail/CVE-2023-37266

www.sonarsource.com/blog/security-vulnerabilities-in-casaos/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.036 Low

EPSS

Percentile

91.7%

JSON

Related for GHSA-M5Q5-8MFW-P2HR