Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
References
Link | Resource |
---|---|
https://blog.mondoo.com/chef-infra-server-cve-2023-28864-impact-and-remediation | Mitigation Third Party Advisory |
https://docs.chef.io/release_notes_server/ | Release Notes |
https://github.com/chef/chef-server/blob/8a2dc82148844767f7c7728633a03dcee812e56a/omnibus/files/server-ctl-cookbooks/infra-server/recipes/oc_bifrost.rb#L42 | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-07-17T00:00:00
Updated: 2023-07-17T00:00:00
Reserved: 2023-03-26T00:00:00
Link: CVE-2023-28864
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-17T20:15:13.343
Modified: 2023-07-27T03:47:50.647
Link: CVE-2023-28864
JSON object: View
Redhat Information
No data.
CWE