Lucene search

GoogleOSV:GO-2023-2394

HistoryJan 02, 2024 - 6:32 p.m.

Spoofed source IP address in github.com/shift72/caddy-geo-ip

2024-01-0218:32:43

Google

osv.dev

github

shift72

caddy-geo-ip

geoip

middleware

caddy 2

attackers

spoof

x-forwarded-for

bypass

protection mechanism

trusted_proxy

reverse_proxy

ip address range

software

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.3%

JSON

The caddy-geo-ip (aka GeoIP) middleware for Caddy 2 allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism (trusted_proxy directive in reverse_proxy or IP address range restrictions).

References

github.com/shift72/caddy-geo-ip/issues/4

nvd.nist.gov/vuln/detail/CVE-2023-50463

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.3%

JSON

Related for OSV:GO-2023-2394