OpenCVE

When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pingidentity	Pingfederate

Configuration 1 [-]

cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244
https://www.pingidentity.com/en/resources/downloads/pingfederate.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: Ping Identity

Published: 2023-10-25T02:03:56.433Z

Updated: 2024-09-10T15:05:08.099Z

Reserved: 2023-07-25T20:13:14.876Z

Link: CVE-2023-34085

Vulnrichment

Updated: 2024-08-02T16:01:53.879Z

NVD

Status : Modified

Published: 2023-10-25T18:17:28.010

Modified: 2024-11-21T08:06:30.577

Link: CVE-2023-34085

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-34085", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "state": "PUBLISHED", "assignerShortName": "Ping Identity", "dateReserved": "2023-07-25T20:13:14.876Z", "datePublished": "2023-10-25T02:03:56.433Z", "dateUpdated": "2024-09-10T15:05:08.099Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PingFederate", "vendor": "Ping Identity", "versions": [{"lessThanOrEqual": "11.3.0", "status": "affected", "version": "11.3", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "AWS DynamoDB as user attribute store"}], "value": "AWS DynamoDB as user attribute store"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request</span><br>"}], "value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-359", "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2023-10-25T02:03:56.433Z"}, "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}, {"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"}], "source": {"advisory": "SECADV037", "defect": ["PF-33935"], "discovery": "INTERNAL"}, "title": "User Attribute Disclosure via DynamoDB Data Stores", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:01:53.879Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html", "tags": ["x_transferred"]}, {"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-10T15:00:49.766852Z", "id": "CVE-2023-34085", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T15:05:08.099Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html", "tags": ["x_transferred"]}, {"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:01:53.879Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-34085", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:00:49.766852Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T15:04:51.439Z"}}], "cna": {"title": "User Attribute Disclosure via DynamoDB Data Stores", "source": {"defect": ["PF-33935"], "advisory": "SECADV037", "discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Ping Identity", "product": "PingFederate", "versions": [{"status": "affected", "version": "11.3", "versionType": "custom", "lessThanOrEqual": "11.3.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}, {"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: transparent;\">When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-359", "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor"}]}], "configurations": [{"lang": "en", "value": "AWS DynamoDB as user attribute store", "supportingMedia": [{"type": "text/html", "value": "AWS DynamoDB as user attribute store", "base64": false}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2023-10-25T02:03:56.433Z"}}}, "cveMetadata": {"cveId": "CVE-2023-34085", "state": "PUBLISHED", "dateUpdated": "2024-09-10T15:05:08.099Z", "dateReserved": "2023-07-25T20:13:14.876Z", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "datePublished": "2023-10-25T02:03:56.433Z", "assignerShortName": "Ping Identity"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*", "matchCriteriaId": "94AC65E4-D19B-4D50-A109-B6DA1F15E7E8", "versionEndIncluding": "11.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"}, {"lang": "es", "value": "Cuando se utiliza una tabla de AWS DynamoDB para el almacenamiento de atributos de usuario, es posible recuperar los atributos de otro usuario mediante una solicitud manipulada con fines malintencionados."}], "id": "CVE-2023-34085", "lastModified": "2024-11-21T08:06:30.577", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-25T18:17:28.010", "references": [{"source": "responsible-disclosure@pingidentity.com", "tags": ["Release Notes"], "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"}, {"source": "responsible-disclosure@pingidentity.com", "tags": ["Release Notes"], "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}], "sourceIdentifier": "responsible-disclosure@pingidentity.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-359"}], "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}