GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an ``sld=<url>`` parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles, without also configuring URL checks, provides the opportunity for Service Side Request Forgery. This vulnerability can be used to steal user NetNTLMv2 hashes which could be relayed or cracked externally to gain further access. This vulnerability has been patched in versions 2.22.5 and 2.23.2.
References
Link | Resource |
---|---|
https://github.com/geoserver/geoserver/releases/tag/2.22.5 | Release Notes |
https://github.com/geoserver/geoserver/releases/tag/2.23.2 | Release Notes |
https://github.com/geoserver/geoserver/security/advisories/GHSA-cqpc-x2c6-2gmf | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-10-24T20:15:17.428Z
Updated: 2023-10-24T20:15:17.428Z
Reserved: 2023-08-28T16:56:43.368Z
Link: CVE-2023-41339
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-25T18:17:30.840
Modified: 2023-10-31T19:53:57.670
Link: CVE-2023-41339
JSON object: View
Redhat Information
No data.
CWE