CVE-2023-43795 - Vulnerability Details - OpenCVE

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.77718.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Osgeo	Geoserver

Configuration 1 [-]

OR	cpe:2.3:a:osgeo:geoserver::::::::
	cpe:2.3:a:osgeo:geoserver::::::::

No data.

No data.

Advisories

Source	ID	Title
Github GHSA	GHSA-5pr3-m5hm-9956	WPS Server Side Request Forgery vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956

History

Wed, 18 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-24T22:14:30.956Z

Updated: 2024-09-17T14:15:26.074Z

Reserved: 2023-09-22T14:51:42.339Z

Link: CVE-2023-43795

Vulnrichment

Updated: 2024-08-02T19:52:11.081Z

NVD

Status : Modified

Published: 2023-10-25T18:17:32.180

Modified: 2024-11-21T08:24:48.003

Link: CVE-2023-43795

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-43795", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-09-22T14:51:42.339Z", "datePublished": "2023-10-24T22:14:30.956Z", "dateUpdated": "2024-09-17T14:15:26.074Z"}, "containers": {"cna": {"title": "WPS Server Side Request Forgery in GeoServer", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956"}], "affected": [{"vendor": "geoserver", "product": "geoserver", "versions": [{"version": "< 2.22.5", "status": "affected"}, {"version": ">= 2.23.0, < 2.23.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-24T22:14:30.956Z"}, "descriptions": [{"lang": "en", "value": "GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2."}], "source": {"advisory": "GHSA-5pr3-m5hm-9956", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:52:11.081Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T13:52:43.998305Z", "id": "CVE-2023-43795", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T14:15:26.074Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956", "name": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:52:11.081Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-43795", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-11T13:52:43.998305Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T14:15:22.459Z"}}], "cna": {"title": "WPS Server Side Request Forgery in GeoServer", "source": {"advisory": "GHSA-5pr3-m5hm-9956", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "geoserver", "product": "geoserver", "versions": [{"status": "affected", "version": "< 2.22.5"}, {"status": "affected", "version": ">= 2.23.0, < 2.23.2"}]}], "references": [{"url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956", "name": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-24T22:14:30.956Z"}}}, "cveMetadata": {"cveId": "CVE-2023-43795", "state": "PUBLISHED", "dateUpdated": "2024-09-17T14:15:26.074Z", "dateReserved": "2023-09-22T14:51:42.339Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-10-24T22:14:30.956Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BB82E9C-10E3-41B9-AA40-80D45DC3989F", "versionEndExcluding": "2.22.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "765C2F28-6A4F-42C4-AA52-D984D0F2F0A6", "versionEndExcluding": "2.23.2", "versionStartIncluding": "2.23.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2."}, {"lang": "es", "value": "GeoServer es un servidor de software de c\u00f3digo abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. La especificaci\u00f3n del Servicio de procesamiento web (WPS) de OGC est\u00e1 dise\u00f1ada para procesar informaci\u00f3n de cualquier servidor mediante solicitudes GET y POST. Esto presenta la oportunidad de falsificar solicitudes del lado del servidor. Esta vulnerabilidad ha sido parcheada en las versiones 2.22.5 y 2.23.2."}], "id": "CVE-2023-43795", "lastModified": "2024-11-21T08:24:48.003", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-25T18:17:32.180", "references": [{"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}