CVE-2023-45152 - OpenCVE

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Engelsystem	Engelsystem

Configuration 1 [-]

cpe:2.3:a:engelsystem:engelsystem:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295	Patch
https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-16T23:34:28.735Z

Updated: 2023-10-16T23:34:28.735Z

Reserved: 2023-10-04T16:02:46.331Z

Link: CVE-2023-45152

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-17T00:15:11.140

Modified: 2023-10-30T17:31:46.010

Link: CVE-2023-45152

JSON object: View

Redhat Information

No data.

CWE

CWE-918

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-45152", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-04T16:02:46.331Z", "datePublished": "2023-10-16T23:34:28.735Z", "dateUpdated": "2023-10-16T23:34:28.735Z"}, "containers": {"cna": {"title": "Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf"}, {"name": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "tags": ["x_refsource_MISC"], "url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295"}], "affected": [{"vendor": "engelsystem", "product": "engelsystem", "versions": [{"version": "< ee7d30b33", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-16T23:34:28.735Z"}, "descriptions": [{"lang": "en", "value": "Engelsystem is a shift planning system for chaos events. A Blind SSRF in the \"Import schedule\" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication."}], "source": {"advisory": "GHSA-jj9g-75wf-6ppf", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:engelsystem:engelsystem:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0F10C38-ED39-422A-8507-FA4099FAEE32", "versionEndExcluding": "2023-09-18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Engelsystem is a shift planning system for chaos events. A Blind SSRF in the \"Import schedule\" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication."}, {"lang": "es", "value": "Engelsystem es un sistema de planificaci\u00f3n de turnos para eventos de caos. Un Blind SSRF en la funcionalidad \"Import schedule\" permite realizar una exploraci\u00f3n de puertos en el entorno local. Esta vulnerabilidad se ha solucionado en el commit ee7d30b33. Si no se puede implementar un parche, los operadores deben asegurarse de que ning\u00fan servicio HTTP escuche en el host local y/o en sistemas a los que solo se pueda acceder desde el host que ejecuta el software engelsystem. Si dichos servicios son necesarios, deber\u00edan utilizar autenticaci\u00f3n adicional."}], "id": "CVE-2023-45152", "lastModified": "2023-10-30T17:31:46.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-17T00:15:11.140", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}]}