Lucene search

GoogleOSV:CVE-2023-35843

HistoryJun 19, 2023 - 6:15 p.m.

CVE-2023-35843

2023-06-1918:15:09

Google

osv.dev

nocodb

path traversal

unauthenticated access

sensitive files

server vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.065 Low

EPSS

Percentile

93.8%

JSON

NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.

CPENameOperatorVersion
nocodbeq0.10.5
nocodbeq0.96.4
nocodbeq0.10.6
nocodbeq0.83.0
nocodbeq0.91.10
nocodbeq0.106.1
nocodbeq0.105.1
nocodbeq0.4.5
nocodbeq0.10.4
nocodbeq0.11.23

Name	Operator	Version
nocodb	eq	0.10.5
nocodb	eq	0.96.4
nocodb	eq	0.10.6
nocodb	eq	0.83.0
nocodb	eq	0.91.10
nocodb	eq	0.106.1
nocodb	eq	0.105.1
nocodb	eq	0.4.5
nocodb	eq	0.10.4
nocodb	eq	0.11.23

Rows per page:

1-10 of 1301

References

advisory.dw1.io/60

github.com/nocodb/nocodb/blob/6decfa2b20c28db9946bddce0bcb1442b683ecae/packages/nocodb/src/lib/controllers/attachment.ctl.ts#L62-L74

github.com/nocodb/nocodb/blob/f7ee7e3beb91d313a159895d1edc1aba9d91b0bc/packages/nocodb/src/controllers/attachments.controller.ts#L55-L66

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.065 Low

EPSS

Percentile

93.8%

JSON

Related for OSV:CVE-2023-35843