CVE-2023-51630 - OpenCVE

Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the web console. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-21182.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Paessler	Prtg Network Monitor

Configuration 1 [-]

cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.zerodayinitiative.com/advisories/ZDI-24-073/	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: zdi

Published: 2024-02-08T22:13:34.474Z

Updated: 2024-07-05T17:20:49.020Z

Reserved: 2023-12-20T21:52:34.962Z

Link: CVE-2023-51630

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-02-08T23:15:09.933

Modified: 2024-02-15T17:15:20.487

Link: CVE-2023-51630

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-51630", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-12-20T21:52:34.962Z", "datePublished": "2024-02-08T22:13:34.474Z", "dateUpdated": "2024-07-05T17:20:49.020Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-02-08T22:13:34.474Z"}, "title": "Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability", "descriptions": [{"lang": "en", "value": "Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the web console. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-21182."}], "affected": [{"vendor": "Paessler", "product": "PRTG Network Monitor", "versions": [{"version": "23.2.84.1566", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-073/", "name": "ZDI-24-073", "tags": ["x_research-advisory"]}], "dateAssigned": "2023-12-20T16:02:27.445-06:00", "datePublic": "2024-01-15T00:44:18.756-06:00", "source": {"lang": "en", "value": "n1nj4sec"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-51630", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-09T19:22:15.878574Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:20:49.020Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:*", "matchCriteriaId": "61F8D5B3-0ECF-4309-A33F-2772F4437184", "versionEndExcluding": "24.1.90.1306", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the web console. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-21182."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de cross-site scripting de Paessler PRTG Network Monitor. Esta vulnerabilidad permite a atacantes remotos evitar la autenticaci\u00f3n en las instalaciones afectadas de Paessler PRTG Network Monitor. Se requiere la interacci\u00f3n del usuario para aprovechar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en la consola web. El problema se debe a la falta de validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede llevar a la inyecci\u00f3n de un script arbitrario. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticaci\u00f3n en el sistema. Era ZDI-CAN-21182."}], "id": "CVE-2023-51630", "lastModified": "2024-02-15T17:15:20.487", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-08T23:15:09.933", "references": [{"source": "zdi-disclosures@trendmicro.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-073/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}