Lucene search

[email protected]NVD:CVE-2023-46730

HistoryNov 07, 2023 - 6:15 p.m.

CVE-2023-46730

2023-11-0718:15:08

CWE-918

[email protected]

web.nvd.nist.gov

ssrf vulnerability

group-office crm

server-side request forgery

api endpoint

untrusted domains

resource requests

versions 6.8.15

6.7.54

6.6.177

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

19.3%

JSON

Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs which allows a malicious user to cause the server to make resource requests to untrusted domains. Note that protocols like file:// can also be used to access the server disk. The request result (on success) can then be retrieved using /api/download.php. This issue has been addressed in versions 6.8.15, 6.7.54, and 6.6.177. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected configurations

NVD

Node

group-officegroup_officeRange6.3.1–6.6.177

group-officegroup_officeRange6.7.0–6.7.54

group-officegroup_officeRange6.8.0–6.8.15

References

github.com/Intermesh/groupoffice/commit/99205535e8cec6592fd7f1469837926f27c72d50

github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

19.3%

JSON

Related for NVD:CVE-2023-46730

prion1 cve1 osv1 cvelist1