CVE-2023-4550 - OpenCVE

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel
Microsoft	Windows
Opentext	Appbuilder

Configuration 1 [-]

AND

cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

References

Link	Resource
https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b	Permissions Required

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: OpenText

Published: 2024-01-29T20:56:09.908Z

Updated: 2024-01-29T20:56:09.908Z

Reserved: 2023-08-25T16:54:44.535Z

Link: CVE-2023-4550

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-29T21:15:08.670

Modified: 2024-02-05T18:30:53.983

Link: CVE-2023-4550

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-4550", "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "state": "PUBLISHED", "assignerShortName": "OpenText", "dateReserved": "2023-08-25T16:54:44.535Z", "datePublished": "2024-01-29T20:56:09.908Z", "dateUpdated": "2024-01-29T20:56:09.908Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows", "Linux"], "product": "AppBuilder", "vendor": "OpenText", "versions": [{"status": "unaffected", "version": "23.2"}, {"lessThan": "23.2", "status": "affected", "version": "21.2", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "George Mathias"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files.</div><div>An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. <br></div><p>This issue affects AppBuilder: from 21.2 before 23.2.</p>"}], "value": "Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files.\n\nAn unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. \n\n\nThis issue affects AppBuilder: from 21.2 before 23.2.\n\n"}], "impacts": [{"capecId": "CAPEC-639", "descriptions": [{"lang": "en", "value": "CAPEC-639 Probe System Files"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "OpenText", "dateUpdated": "2024-01-29T20:56:09.908Z"}, "references": [{"url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b"}], "source": {"discovery": "UNKNOWN"}, "title": "Unauthenticated Arbitrary File Read", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F278A97-1D94-451A-8563-6ADB44E5EBAB", "versionEndExcluding": "23.2", "versionStartIncluding": "21.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files.\n\nAn unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. \n\n\nThis issue affects AppBuilder: from 21.2 before 23.2.\n\n"}, {"lang": "es", "value": "Vulnerabilidad de validaci\u00f3n de entrada incorrecta, archivos o directorios accesibles a partes externas en OpenText AppBuilder en Windows, Linux permite sondear archivos del sistema. Un usuario autenticado o no autenticado puede abusar de una p\u00e1gina de AppBuilder para leer archivos arbitrarios en el servidor en el que est\u00e1 alojada. Este problema afecta a AppBuilder: desde 21.2 antes de 23.2."}], "id": "CVE-2023-4550", "lastModified": "2024-02-05T18:30:53.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@opentext.com", "type": "Secondary"}]}, "published": "2024-01-29T21:15:08.670", "references": [{"source": "security@opentext.com", "tags": ["Permissions Required"], "url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-552"}], "source": "security@opentext.com", "type": "Secondary"}]}