CVE-2023-32275 - OpenCVE

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Softether	Vpn

Configuration 1 [-]

OR	cpe:2.3:a:softether:vpn:4.41-9782:beta::::::
	cpe:2.3:a:softether:vpn:5.01.9674:::::::*

No data.

References

Link	Providers
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753
https://www.softether.org/9-about/News/904-SEVPN202301

History

Tue, 17 Sep 2024 19:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2023-10-12T15:27:52.706Z

Updated: 2024-09-17T18:16:57.864Z

Reserved: 2023-06-02T14:34:01.906Z

Link: CVE-2023-32275

Vulnrichment

Updated: 2024-08-02T15:10:24.240Z

NVD

Status : Analyzed

Published: 2023-10-12T16:15:11.840

Modified: 2023-10-18T18:58:18.027

Link: CVE-2023-32275

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32275", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2023-06-02T14:34:01.906Z", "datePublished": "2023-10-12T15:27:52.706Z", "dateUpdated": "2024-09-17T18:16:57.864Z"}, "containers": {"cna": {"affected": [{"vendor": "SoftEther VPN", "product": "SoftEther VPN", "versions": [{"version": "4.41-9782-beta", "status": "affected"}, {"version": "5.01.9674", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-201: Information Exposure Through Sent Data", "type": "CWE", "cweId": "CWE-201"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-10-12T17:00:08.274Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753"}, {"url": "https://www.softether.org/9-about/News/904-SEVPN202301", "name": "https://www.softether.org/9-about/News/904-SEVPN202301"}], "credits": [{"lang": "en", "value": "Discovered by Lilith >_> of Cisco Talos."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:24.240Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753", "tags": ["x_transferred"]}, {"url": "https://www.softether.org/9-about/News/904-SEVPN202301", "name": "https://www.softether.org/9-about/News/904-SEVPN202301", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "softether", "product": "vpn", "cpes": ["cpe:2.3:a:softether:vpn:4.41-9782:beta:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.41-9782", "status": "affected"}]}, {"vendor": "softether", "product": "vpn", "cpes": ["cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.01.9674", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-17T18:13:28.822856Z", "id": "CVE-2023-32275", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T18:16:57.864Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753", "tags": ["x_transferred"]}, {"url": "https://www.softether.org/9-about/News/904-SEVPN202301", "name": "https://www.softether.org/9-about/News/904-SEVPN202301", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:10:24.240Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-32275", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-17T18:13:28.822856Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:softether:vpn:4.41-9782:beta:*:*:*:*:*:*"], "vendor": "softether", "product": "vpn", "versions": [{"status": "affected", "version": "4.41-9782"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*"], "vendor": "softether", "product": "vpn", "versions": [{"status": "affected", "version": "5.01.9674"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T18:16:51.524Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by Lilith >_> of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "SoftEther VPN", "product": "SoftEther VPN", "versions": [{"status": "affected", "version": "4.41-9782-beta"}, {"status": "affected", "version": "5.01.9674"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753"}, {"url": "https://www.softether.org/9-about/News/904-SEVPN202301", "name": "https://www.softether.org/9-about/News/904-SEVPN202301"}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-201", "description": "CWE-201: Information Exposure Through Sent Data"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-10-12T17:00:08.274Z"}}}, "cveMetadata": {"cveId": "CVE-2023-32275", "state": "PUBLISHED", "dateUpdated": "2024-09-17T18:16:57.864Z", "dateReserved": "2023-06-02T14:34:01.906Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2023-10-12T15:27:52.706Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:softether:vpn:4.41-9782:beta:*:*:*:*:*:*", "matchCriteriaId": "79C47EE5-1B55-4FDD-A5B5-E10FF3337100", "vulnerable": true}, {"criteria": "cpe:2.3:a:softether:vpn:5.01.9674:*:*:*:*:*:*:*", "matchCriteriaId": "5CF5CF13-B22F-494B-BDC0-B59371979251", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la funcionalidad CtEnumCa() de SoftEther VPN 4.41-9782-beta y 5.01.9674. Los paquetes de red especialmente manipulados pueden dar lugar a la divulgaci\u00f3n de informaci\u00f3n confidencial. Un atacante puede enviar paquetes para desencadenar esta vulnerabilidad."}], "id": "CVE-2023-32275", "lastModified": "2023-10-18T18:58:18.027", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "talos-cna@cisco.com", "type": "Secondary"}]}, "published": "2023-10-12T16:15:11.840", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753"}, {"source": "talos-cna@cisco.com", "tags": ["Vendor Advisory"], "url": "https://www.softether.org/9-about/News/904-SEVPN202301"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-201"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}