admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-09-15 10:00:33 +00:00
parent c9cbd449cf
commit 873aaaec16
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
1 changed files with 107 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
2023/4xxx/CVE-2023-4959.json
View File

@ -1,17 +1,120 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4959",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Quay. Cross-site request forgery (CSRF) attacks force a user to perform unwanted actions in an application. During the pentest, it was detected that the config-editor page is vulnerable to CSRF. The config-editor page is used to configure the Quay instance. By coercing the victim\u2019s browser into sending an attacker-controlled request from another domain, it is possible to reconfigure the Quay instance (including adding users with admin privileges)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "quay",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Quay 3",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4959",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-4959"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238908",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2238908"
}
]
},
"work_around": [
{
"lang": "en",
"value": "To avoid the risk associated with this vulnerability, it is recommended to include a secret in all requests that may generate a change in the application's data. A secret is understood, for example, as an extra parameter, generated and sent to the client when accessing the web resource from which the request to be protected is launched. This secret must be generated randomly and be different for each request to be made. On the server side, the application must check that these requests, which cause significant modifications to the data, include the previously generated secrets. If this is not included or is erroneous, the application should not perform the corresponding action.\n\nIn addition to this secret, it is recommended to set the \"SameSite\" attribute in the session cookie with the following values:\n- SameSite=Strict: this value prevents the cookie from being sent in any cross-origin request.\n- SameSite=Lax: this is the value that is recommended in this case as any action carried out via POST or via a script from a cross-origin will be rejected by the browser."
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Oleg Sushchenko (Red Hat)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}