CVE-2023-23925 - OpenCVE

Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation (EXIST), where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS). This issue has been patched in version 3.1.4. As a workaround, avoid using Strategy settings that use REGEX in conjunction with EXIST and NOT_EXIST operations.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Switcherapi	Switcher Client

Configuration 1 [-]

cpe:2.3:a:switcherapi:switcher_client:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/switcherapi/switcher-client-master/releases/tag/v3.1.4
https://github.com/switcherapi/switcher-client-master/security/advisories/GHSA-wqxw-8h5g-hq56

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-02-03T19:05:30.909Z

Updated: 2024-08-02T10:42:27.101Z

Reserved: 2023-01-19T21:12:31.358Z

Link: CVE-2023-23925

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-03T20:15:10.433

Modified: 2023-11-07T04:08:06.150

Link: CVE-2023-23925

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23925", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-01-19T21:12:31.358Z", "datePublished": "2023-02-03T19:05:30.909Z", "dateUpdated": "2024-08-02T10:42:27.101Z"}, "containers": {"cna": {"title": "Switcher Client contains Regular Expression Denial of Service (ReDoS)", "problemTypes": [{"descriptions": [{"cweId": "CWE-1333", "lang": "en", "description": "CWE-1333: Inefficient Regular Expression Complexity", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-400", "lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/switcherapi/switcher-client-master/security/advisories/GHSA-wqxw-8h5g-hq56", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/switcherapi/switcher-client-master/security/advisories/GHSA-wqxw-8h5g-hq56"}, {"name": "https://github.com/switcherapi/switcher-client-master/releases/tag/v3.1.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/switcherapi/switcher-client-master/releases/tag/v3.1.4"}], "affected": [{"vendor": "switcherapi", "product": "switcher-client-master", "versions": [{"version": "< 3.1.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-03T19:05:30.909Z"}, "descriptions": [{"lang": "en", "value": "Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation (EXIST), where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS). This issue has been patched in version 3.1.4. As a workaround, avoid using Strategy settings that use REGEX in conjunction with EXIST and NOT_EXIST operations.\n"}], "source": {"advisory": "GHSA-wqxw-8h5g-hq56", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:42:27.101Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/switcherapi/switcher-client-master/security/advisories/GHSA-wqxw-8h5g-hq56", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/switcherapi/switcher-client-master/security/advisories/GHSA-wqxw-8h5g-hq56"}, {"name": "https://github.com/switcherapi/switcher-client-master/releases/tag/v3.1.4", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/switcherapi/switcher-client-master/releases/tag/v3.1.4"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:switcherapi:switcher_client:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "0F11AE52-E4E6-457D-BABE-908B965DB606", "versionEndExcluding": "3.1.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation (EXIST), where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack (reDOS). This issue has been patched in version 3.1.4. As a workaround, avoid using Strategy settings that use REGEX in conjunction with EXIST and NOT_EXIST operations.\n"}], "id": "CVE-2023-23925", "lastModified": "2023-11-07T04:08:06.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-02-03T20:15:10.433", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/switcherapi/switcher-client-master/releases/tag/v3.1.4"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/switcherapi/switcher-client-master/security/advisories/GHSA-wqxw-8h5g-hq56"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1333"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1333"}, {"lang": "en", "value": "CWE-400"}], "source": "security-advisories@github.com", "type": "Secondary"}]}