Lucene search

[email protected]NVD:CVE-2023-43783

HistorySep 22, 2023 - 6:15 a.m.

CVE-2023-43783

2023-09-2206:15:10

CWE-668

[email protected]

web.nvd.nist.gov

cadence 0.9.2

/tmp/cadence-wineasio.reg

symlink attack

code injection

wine registry

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

44.8%

JSON

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The filename is used even if it has been created by a local adversary before Cadence started. The adversary can leverage this to create or overwrite files via a symlink attack. In some kernel configurations, code injection into the Wine registry is possible.

Affected configurations

Nvd

Node

falktxcadenceRange≤0.9.2

VendorProductVersionCPE
falktxcadence*cpe:2.3:a:falktx:cadence:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
falktx	cadence	*	cpe:2.3:a:falktx:cadence::::::::

References

www.openwall.com/lists/oss-security/2023/10/05/4

bugzilla.suse.com/show_bug.cgi?id=1213985

github.com/falkTX/Cadence

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

44.8%

JSON

Related for NVD:CVE-2023-43783

osv1 vulnrichment1 cve1 prion1 cvelist1 mageia1 openvas1