CVE-2023-32200 - Vulnerability Details - OpenCVE

There is insufficient restrictions of called script functions in Apache Jena
versions 4.8.0 and earlier. It allows a
remote user to execute javascript via a SPARQL query.
This issue affects Apache Jena: from 3.7.0 through 4.8.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00635.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Apache	Jena

Configuration 1 [-]

cpe:2.3:a:apache:jena:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-2087	There is insufficient restrictions of called script functions in Apache Jena versions 4.8.0 and earlier. It allows a remote user to execute javascript via a SPARQL query. This issue affects Apache Jena: from 3.7.0 through 4.8.0.
Github GHSA	GHSA-j927-w6g7-7c7w	Apache Jena Expression Language Injection vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z
https://www.cve.org/CVERecord?id=CVE-2023-22665

History

Mon, 07 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-07-12T07:49:55.432Z

Updated: 2024-10-07T19:42:49.706Z

Reserved: 2023-05-04T12:49:34.610Z

Link: CVE-2023-32200

Vulnrichment

Updated: 2024-08-02T15:10:23.901Z

NVD

Status : Modified

Published: 2023-07-12T08:15:10.070

Modified: 2024-11-21T08:02:53.243

Link: CVE-2023-32200

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32200", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-05-04T12:49:34.610Z", "datePublished": "2023-07-12T07:49:55.432Z", "dateUpdated": "2024-10-07T19:42:49.706Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Jena", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "4.8.0", "status": "affected", "version": "3.7.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "s3gundo of Alibaba"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There is insufficient restrictions of called script functions in Apache Jena\n versions 4.8.0 and earlier. It allows a \nremote user to execute javascript via a SPARQL query.<br><p>This issue affects Apache Jena: from 3.7.0 through 4.8.0.</p>"}], "value": "There is insufficient restrictions of called script functions in Apache Jena\n versions 4.8.0 and earlier. It allows a \nremote user to execute javascript via a SPARQL query.\nThis issue affects Apache Jena: from 3.7.0 through 4.8.0.\n\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-917", "description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-12T07:49:55.432Z"}, "references": [{"tags": ["related"], "url": "https://www.cve.org/CVERecord?id=CVE-2023-22665"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z"}], "source": {"discovery": "EXTERNAL"}, "title": "Apache Jena: Exposure of execution in script engine expressions.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:23.901Z"}, "title": "CVE Program Container", "references": [{"tags": ["related", "x_transferred"], "url": "https://www.cve.org/CVERecord?id=CVE-2023-22665"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z"}]}, {"affected": [{"vendor": "apache", "product": "jena", "cpes": ["cpe:2.3:a:apache:jena:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.7.0", "status": "affected", "lessThanOrEqual": "4.8.0", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-07T19:41:36.847404Z", "id": "CVE-2023-32200", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-07T19:42:49.706Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2023-22665", "tags": ["related", "x_transferred"]}, {"url": "https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:23.901Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-32200", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-07T19:41:36.847404Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache:jena:*:*:*:*:*:*:*:*"], "vendor": "apache", "product": "jena", "versions": [{"status": "affected", "version": "3.7.0", "versionType": "custom", "lessThanOrEqual": "4.8.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-07T19:42:45.770Z"}}], "cna": {"title": "Apache Jena: Exposure of execution in script engine expressions.", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "s3gundo of Alibaba"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "important"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Jena", "versions": [{"status": "affected", "version": "3.7.0", "versionType": "semver", "lessThanOrEqual": "4.8.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2023-22665", "tags": ["related"]}, {"url": "https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "There is insufficient restrictions of called script functions in Apache Jena\n versions 4.8.0 and earlier. It allows a \nremote user to execute javascript via a SPARQL query.\nThis issue affects Apache Jena: from 3.7.0 through 4.8.0.\n\n", "supportingMedia": [{"type": "text/html", "value": "There is insufficient restrictions of called script functions in Apache Jena\n versions 4.8.0 and earlier. It allows a \nremote user to execute javascript via a SPARQL query.<br><p>This issue affects Apache Jena: from 3.7.0 through 4.8.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-917", "description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-12T07:49:55.432Z"}}}, "cveMetadata": {"cveId": "CVE-2023-32200", "state": "PUBLISHED", "dateUpdated": "2024-10-07T19:42:49.706Z", "dateReserved": "2023-05-04T12:49:34.610Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-07-12T07:49:55.432Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:jena:*:*:*:*:*:*:*:*", "matchCriteriaId": "16650542-BB5B-4572-862A-B3122A20D882", "versionEndIncluding": "4.8.0", "versionStartIncluding": "3.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "There is insufficient restrictions of called script functions in Apache Jena\n versions 4.8.0 and earlier. It allows a \nremote user to execute javascript via a SPARQL query.\nThis issue affects Apache Jena: from 3.7.0 through 4.8.0.\n\n"}], "id": "CVE-2023-32200", "lastModified": "2024-11-21T08:02:53.243", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-07-12T08:15:10.070", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.cve.org/CVERecord?id=CVE-2023-22665"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.apache.org/thread/7hg0t2kws3fyr75dl7lll8389xzzc46z"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.cve.org/CVERecord?id=CVE-2023-22665"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-917"}], "source": "security@apache.org", "type": "Secondary"}]}