CVE-2023-2897 - OpenCVE

The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit trust of user-supplied IP addresses in an 'X-Forwarded-For' HTTP header for the purpose of validating allowed IP addresses against a Maintenance Mode whitelist. Supplying a whitelisted IP address within the 'X-Forwarded-For' header allows maintenance mode to be bypassed and may result in the disclosure of potentially sensitive information or allow access to restricted functionality.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Brizy	Brizy

Configuration 1 [-]

cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/2919443/brizy
https://www.wordfence.com/threat-intel/vulnerabilities/id/ae342dd9-2f5f-4356-8fb4-9a3e5f4f8316?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-06-09T06:48:49.496Z

Updated: 2024-08-02T06:41:03.585Z

Reserved: 2023-05-25T17:46:23.832Z

Link: CVE-2023-2897

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-06-09T07:15:10.423

Modified: 2023-11-07T04:13:30.290

Link: CVE-2023-2897

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2897", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-05-25T17:46:23.832Z", "datePublished": "2023-06-09T06:48:49.496Z", "dateUpdated": "2024-08-02T06:41:03.585Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-06-09T06:48:49.496Z"}, "affected": [{"vendor": "themefusecom", "product": "Brizy \u2013 Page Builder", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "2.4.18", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit trust of user-supplied IP addresses in an 'X-Forwarded-For' HTTP header for the purpose of validating allowed IP addresses against a Maintenance Mode whitelist. Supplying a whitelisted IP address within the 'X-Forwarded-For' header allows maintenance mode to be bypassed and may result in the disclosure of potentially sensitive information or allow access to restricted functionality."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae342dd9-2f5f-4356-8fb4-9a3e5f4f8316?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/2919443/brizy"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-348 Use of Less Trusted Source"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 3.7, "baseSeverity": "LOW"}}], "credits": [{"lang": "en", "type": "finder", "value": "Alex Thomas"}], "timeline": [{"time": "2023-05-18T00:00:00.000+00:00", "lang": "en", "value": "Discovered"}, {"time": "2023-05-25T00:00:00.000+00:00", "lang": "en", "value": "Vendor Notified"}, {"time": "2023-05-31T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:41:03.585Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae342dd9-2f5f-4356-8fb4-9a3e5f4f8316?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2919443/brizy", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "308F44A9-7B85-4B30-BF68-72D8180795E5", "versionEndIncluding": "2.4.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit trust of user-supplied IP addresses in an 'X-Forwarded-For' HTTP header for the purpose of validating allowed IP addresses against a Maintenance Mode whitelist. Supplying a whitelisted IP address within the 'X-Forwarded-For' header allows maintenance mode to be bypassed and may result in the disclosure of potentially sensitive information or allow access to restricted functionality."}], "id": "CVE-2023-2897", "lastModified": "2023-11-07T04:13:30.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2023-06-09T07:15:10.423", "references": [{"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/2919443/brizy"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae342dd9-2f5f-4356-8fb4-9a3e5f4f8316?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}]}