CVE-2023-5256 Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

2023-09-2818:17:43

CWE-200

drupal

github.com

drupal

json:api

cache poisoning

sensitive information

privilege escalation

rest

graphql

vulnerability

AI Score

6.4

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

In certain scenarios, Drupal’s JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation.

This vulnerability only affects sites with the JSON:API module enabled, and can be mitigated by uninstalling JSON:API.

The core REST and contributed GraphQL modules are not affected.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"
    ],
    "vendor": "drupal",
    "product": "drupal",
    "versions": [
      {
        "status": "affected",
        "version": "10.1",
        "lessThan": "10.1.4",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "10.0",
        "lessThan": "10.0.11",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "9.5",
        "lessThan": "9.5.11",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]