CVE-2021-32623 - OpenCVE

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers The problem has been fixed in Opencast 9.6. There is no known workaround for this issue.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apereo	Opencast

Configuration 1 [-]

cpe:2.3:a:apereo:opencast:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e	Patch Third Party Advisory
https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-06-15T23:45:10

Updated: 2021-06-15T23:45:10

Reserved: 2021-05-12T00:00:00

Link: CVE-2021-32623

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-06-16T00:15:07.717

Modified: 2021-06-23T19:55:22.117

Link: CVE-2021-32623

JSON object: View

Redhat Information

No data.

CWE

CWE-776

{"containers": {"cna": {"affected": [{"product": "opencast", "vendor": "opencast", "versions": [{"status": "affected", "version": "< 9.6"}]}], "descriptions": [{"lang": "en", "value": "Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers The problem has been fixed in Opencast 9.6. There is no known workaround for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-776", "description": "CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-15T23:45:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e"}], "source": {"advisory": "GHSA-9gwx-9cwp-5c2m", "discovery": "UNKNOWN"}, "title": "Opencast vulnerable to billion laughs attack (XML bomb)", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32623", "STATE": "PUBLIC", "TITLE": "Opencast vulnerable to billion laughs attack (XML bomb)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "opencast", "version": {"version_data": [{"version_value": "< 9.6"}]}}]}, "vendor_name": "opencast"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers The problem has been fixed in Opencast 9.6. There is no known workaround for this issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m", "refsource": "CONFIRM", "url": "https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m"}, {"name": "https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e", "refsource": "MISC", "url": "https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e"}]}, "source": {"advisory": "GHSA-9gwx-9cwp-5c2m", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32623", "datePublished": "2021-06-15T23:45:10", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2021-06-15T23:45:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apereo:opencast:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A9BAD00-C232-4ACC-B2AA-4EC1C37CFECC", "versionEndExcluding": "9.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers The problem has been fixed in Opencast 9.6. There is no known workaround for this issue."}, {"lang": "es", "value": "Opencast es una soluci\u00f3n gratuita y de c\u00f3digo abierto para la captura y distribuci\u00f3n autom\u00e1tica de v\u00eddeo. Las versiones de Opencast anteriores a versi\u00f3n 9.6 son vulnerables al ataque de los mil millones de risas, que permite a un atacante ejecutar f\u00e1cilmente un ataque de denegaci\u00f3n de servicio (aparentemente permanente), esencialmente derribando Opencast usando una \u00fanica petici\u00f3n HTTP. Para explotar esto, los usuarios necesitan tener privilegios de ingesta, limitando el grupo de atacantes potenciales. El problema se ha corregido en Opencast versi\u00f3n 9.6. No se conoce ninguna soluci\u00f3n para este problema"}], "id": "CVE-2021-32623", "lastModified": "2021-06-23T19:55:22.117", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-06-16T00:15:07.717", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/opencast/opencast/commit/8ae27da5a6f658011a5741b3210e715b0dc6213e"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/opencast/opencast/security/advisories/GHSA-9gwx-9cwp-5c2m"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-776"}], "source": "security-advisories@github.com", "type": "Primary"}]}