admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-507xx/CVE-2023-50713.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

115 lines
6.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-50713",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-14T19:15:16.340",
"lastModified": "2023-12-28T20:23:47.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, using frontend-2, created a Personal Access Token (PAT) with `token write` scope. When creating a new token an agent needs to authorise the request with an existing token (the 'requesting token'). The requesting token is required to have token write scope in order to generate new tokens. However, Speckle server was not verifying that other privileges granted to the new token were not in excess of the privileges of the requesting token. A malicious actor could use a token with only token write scope to subsequently generate further tokens with additional privileges. These privileges would only grant privileges up to the existing privileges of the user. This vulnerability cannot be used to escalate a user's privileges or grant privileges on behalf of other users.\n\nThis has been patched as of version 2.17.6. All operators of Speckle servers should upgrade their server to version 2.17.6 or higher. Any users who authorized an application with 'token write' scope, or created a token in frontend-2 with `token write` scope should review existing tokens and permanently revoke any they do not recognize, revoke existing tokens and create new tokens, and review usage of their account for suspicious activity. No known workarounds for this issue exist."
},
{
"lang": "es",
"value": "Speckle Server proporciona servidor, interfaz, visor 3D y otras utilidades de JavaScript para la plataforma de datos Speckle 3D. Una vulnerabilidad en versiones anteriores a la 2.17.6 afecta a los usuarios que: autorizaron una aplicaci\u00f3n que solicit\u00f3 un alcance de \"escritura de token\" o, utilizando frontend-2, crearon un token de acceso personal (PAT) con alcance de \"escritura de token\". Al crear un nuevo token, un agente debe autorizar la solicitud con un token existente (el \"token solicitante\"). Se requiere que el token solicitante tenga alcance de escritura de token para poder generar nuevos tokens. Sin embargo, el servidor Speckle no estaba verificando que otros privilegios otorgados al nuevo token no excedieran los privilegios del token solicitante. Un actor malintencionado podr\u00eda utilizar un token con alcance de escritura de token \u00fanicamente para generar posteriormente m\u00e1s tokens con privilegios adicionales. Estos privilegios solo otorgar\u00edan permisos hasta los privilegios existentes del usuario. Esta vulnerabilidad no se puede utilizar para escalar los privilegios de un usuario ni otorgar permisos en nombre de otros usuarios. Esto ha sido parcheado a partir de la versi\u00f3n 2.17.6. Todos los operadores de servidores Speckle deben actualizar su servidor a la versi\u00f3n 2.17.6 o superior. Cualquier usuario que haya autorizado una aplicaci\u00f3n con alcance de \"escritura de token\" o haya creado un token en frontend-2 con alcance de \"escritura de token\" debe revisar los tokens existentes y revocar permanentemente los que no reconozcan, revocar los tokens existentes y crear nuevos tokens, y revisar uso de su cuenta para actividades sospechosas. No existen workarounds conocidas para este problema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1220"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:specklesystems:speckle_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.17.6",
"matchCriteriaId": "B6E7134A-CA97-4DF0-BF26-FE9BFF2E71E0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/specklesystems/speckle-server/commit/3689e1cd58ec4f06abee836af34889d6ce474571",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/specklesystems/speckle-server/releases/tag/2.17.6",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/specklesystems/speckle-server/security/advisories/GHSA-xpf3-5q5x-3qwh",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink