admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-34040.md
0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00

26 lines
1.8 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

### [CVE-2023-34040](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34040)
![](https://img.shields.io/static/v1?label=Product&message=Spring%20For%20Apache%20Kafka&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.8.x%3C%202.9.11%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
### Description
In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deserialization exception record headers.Specifically, an application is vulnerable when all of the following are true: * The user does not configure an ErrorHandlingDeserializer for the key and/or value of the record * The user explicitly sets container properties checkDeserExWhenKeyNull and/or checkDeserExWhenValueNull container properties to true. * The user allows untrusted sources to publish to a Kafka topicBy default, these properties are false, and the container only attempts to deserialize the headers if an ErrorHandlingDeserializer is configured. The ErrorHandlingDeserializer prevents the vulnerability by removing any such malicious headers before processing the record.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040
- https://github.com/Y4tacker/JavaSec
- https://github.com/buiduchoang24/CVE-2023-34040
- https://github.com/f0ur0four/Insecure-Deserialization
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/p4d0rn/Java_Zoo
- https://github.com/pyn3rd/CVE-2023-34040
- https://github.com/tanjiti/sec_profile
Reference in New Issue View Git Blame Copy Permalink