NVD:CVE-2023-46315
Oct 22, 2023 - 10:15 p.m.

CVE-2023-46315

2023-10-22 22:15:08
CWE-200
web.nvd.nist.gov
remote attackers
local file access
web ui
authentication
security vulnerability
stable-diffusion-webui
gradio
secret key configuration

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 7.6
Confidence: High

EPSS: 0.001
Percentile: 44.0%

The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before 977815a for stable-diffusion-webui (aka Stable Diffusion web UI), if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL, as demonstrated by reading /proc/self/environ to discover credentials.

Affected configurations

Nvd

Node: zanllp stable_diffusion_webui_infinite_image_browsing
Range: <5.0

Vendor: zanllp
Product: stable_diffusion_webui_infinite_image_browsing
Version: *
CPE: cpe:2.3:a:zanllp:stable_diffusion_webui_infinite_image_browsing:*:*:*:*:*:*:*:*
