Lucene search

K

GoogleOSV:CVE-2023-4727

HistoryJun 11, 2024 - 8:15 p.m.

CVE-2023-4727

2024-06-1120:15:09

Google

osv.dev

3

flaw

dogtag-pki

pki-core

ldap injection

token authentication

privilege escalation

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.

References

access.redhat.com/errata/RHSA-2024:4051

access.redhat.com/errata/RHSA-2024:4070

access.redhat.com/errata/RHSA-2024:4164

access.redhat.com/errata/RHSA-2024:4165

access.redhat.com/errata/RHSA-2024:4179

access.redhat.com/errata/RHSA-2024:4222

access.redhat.com/errata/RHSA-2024:4367

access.redhat.com/errata/RHSA-2024:4403

access.redhat.com/errata/RHSA-2024:4413

access.redhat.com/security/cve/CVE-2023-4727

bugzilla.redhat.com/show_bug.cgi?id=2232218

security-tracker.debian.org/tracker/CVE-2023-4727

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

Related for OSV:CVE-2023-4727

osv3 almalinux2 nessus16 amazon1 redhat9 ubuntucve1 debiancve1 oraclelinux3 cve1 nvd1 redhatcve1 cvelist1 rocky1 vulnrichment1