{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-45670", "ASSIGNER": "security-advisories@github.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, the `config/save` and `config/set` endpoints of Frigate do not implement any CSRF protection. This makes it possible for a request sourced from another site to update the configuration of the Frigate server (e.g. via \"drive-by\" attack). Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. This issue can lead to arbitrary configuration updates for the Frigate server, resulting in denial of service and possible data exfiltration. Version 0.13.0 Beta 3 contains a patch." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-352: Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "blakeblackshear", "product": { "product_data": [ { "product_name": "frigate", "version": { "version_data": [ { "version_affected": "=", "version_value": "< 0.13.0-beta3" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://github.com/blakeblackshear/frigate/security/advisories/GHSA-xq49-hv88-jr6h", "refsource": "MISC", "name": "https://github.com/blakeblackshear/frigate/security/advisories/GHSA-xq49-hv88-jr6h" }, { "url": "https://about.gitlab.com/blog/2021/09/07/why-are-developers-vulnerable-to-driveby-attacks/", "refsource": "MISC", "name": "https://about.gitlab.com/blog/2021/09/07/why-are-developers-vulnerable-to-driveby-attacks/" }, { "url": "https://github.com/blakeblackshear/frigate/blob/5658e5a4cc7376504af9de5e1eff178939a13e7f/frigate/http.py#L1060", "refsource": "MISC", "name": "https://github.com/blakeblackshear/frigate/blob/5658e5a4cc7376504af9de5e1eff178939a13e7f/frigate/http.py#L1060" }, { "url": "https://github.com/blakeblackshear/frigate/blob/6aedc39a9a421cf48000a727f36b4c1495848a1d/frigate/http.py#L998", "refsource": "MISC", "name": "https://github.com/blakeblackshear/frigate/blob/6aedc39a9a421cf48000a727f36b4c1495848a1d/frigate/http.py#L998" }, { "url": "https://github.com/blakeblackshear/frigate/discussions/8366", "refsource": "MISC", "name": "https://github.com/blakeblackshear/frigate/discussions/8366" } ] }, "source": { "advisory": "GHSA-xq49-hv88-jr6h", "discovery": "UNKNOWN" }, "impact": { "cvss": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } ] } }