CVE-2023-34110 - OpenCVE

Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin privileges, could by adding a special character on the add, edit User forms trigger a database error, this error is surfaced back to this actor on the UI. On certain database engines this error can include the entire user row including the pbkdf2:sha256 hashed password. This vulnerability has been fixed in version 4.3.2.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Flask-appbuilder Project	Flask-appbuilder

Configuration 1 [-]

cpe:2.3:a:flask-appbuilder_project:flask-appbuilder:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626
https://github.com/dpgaspar/Flask-AppBuilder/pull/2045
https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2
https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-06-22T22:34:39.865Z

Updated: 2024-08-02T16:01:53.900Z

Reserved: 2023-05-25T21:56:51.246Z

Link: CVE-2023-34110

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-22T23:15:09.410

Modified: 2023-07-03T19:00:56.767

Link: CVE-2023-34110

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-34110", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-05-25T21:56:51.246Z", "datePublished": "2023-06-22T22:34:39.865Z", "dateUpdated": "2024-08-02T16:01:53.900Z"}, "containers": {"cna": {"title": "Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error", "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "lang": "en", "description": "CWE-209: Generation of Error Message Containing Sensitive Information", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3"}, {"name": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045", "tags": ["x_refsource_MISC"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045"}, {"name": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626", "tags": ["x_refsource_MISC"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626"}, {"name": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2"}], "affected": [{"vendor": "dpgaspar", "product": "Flask-AppBuilder", "versions": [{"version": "< 4.3.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-06-22T22:34:39.865Z"}, "descriptions": [{"lang": "en", "value": "Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin privileges, could by adding a special character on the add, edit User forms trigger a database error, this error is surfaced back to this actor on the UI. On certain database engines this error can include the entire user row including the pbkdf2:sha256 hashed password. This vulnerability has been fixed in version 4.3.2.\n"}], "source": {"advisory": "GHSA-jhpr-j7cq-3jp3", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:01:53.900Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3"}, {"name": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045"}, {"name": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626"}, {"name": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:flask-appbuilder_project:flask-appbuilder:*:*:*:*:*:*:*:*", "matchCriteriaId": "89D84C58-58FA-4CEE-804D-F114CD419E72", "versionEndExcluding": "4.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin privileges, could by adding a special character on the add, edit User forms trigger a database error, this error is surfaced back to this actor on the UI. On certain database engines this error can include the entire user row including the pbkdf2:sha256 hashed password. This vulnerability has been fixed in version 4.3.2.\n"}], "id": "CVE-2023-34110", "lastModified": "2023-07-03T19:00:56.767", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-06-22T23:15:09.410", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-209"}], "source": "security-advisories@github.com", "type": "Primary"}]}