CVE-2023-45146 - OpenCVE

XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once deserialized, force it to execute arbitrary code. This can be abused to take control of the machine the server is running by way of remote code execution. This issue has not been fixed.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Xxl-rpc Project	Xxl-rpc

Configuration 1 [-]

cpe:2.3:a:xxl-rpc_project:xxl-rpc:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/
https://www.vicarius.io/vsociety/posts/xxl-rpc-rce-cve-2023-45146

History

Thu, 29 Aug 2024 20:30:00 +0000

Type	Values Removed	Values Added
References		https://www.vicarius.io/vsociety/posts/xxl-rpc-rce-cve-2023-45146

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-18T21:56:55.614Z

Updated: 2024-08-29T17:09:23.119Z

Reserved: 2023-10-04T16:02:46.330Z

Link: CVE-2023-45146

Vulnrichment

Updated: 2024-08-19T07:48:07.804Z

NVD

Status : Analyzed

Published: 2023-10-18T22:15:09.323

Modified: 2023-10-30T14:14:07.753

Link: CVE-2023-45146

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45146", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-04T16:02:46.330Z", "datePublished": "2023-10-18T21:56:55.614Z", "dateUpdated": "2024-08-29T17:09:23.119Z"}, "containers": {"cna": {"title": "Remote code execution in XXL-RPC", "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "lang": "en", "description": "CWE-502: Deserialization of Untrusted Data", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/", "tags": ["x_refsource_CONFIRM"], "url": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/"}], "affected": [{"vendor": "xuexueli", "product": "xxl-rpc", "versions": [{"version": "<= 1.7.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-18T21:56:55.614Z"}, "descriptions": [{"lang": "en", "value": "XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once deserialized, force it to execute arbitrary code. This can be abused to take control of the machine the server is running by way of remote code execution. This issue has not been fixed."}], "source": {"advisory": "GHSA-f984-3wx8-grp9", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:48:07.804Z"}, "title": "CVE Program Container", "references": [{"name": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/"}, {"url": "https://www.vicarius.io/vsociety/posts/xxl-rpc-rce-cve-2023-45146"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-29T16:08:53.642798Z", "id": "CVE-2023-45146", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T17:09:23.119Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/", "name": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://www.vicarius.io/vsociety/posts/xxl-rpc-rce-cve-2023-45146"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:48:07.804Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-45146", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-29T16:08:53.642798Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T17:09:19.322Z"}}], "cna": {"title": "Remote code execution in XXL-RPC", "source": {"advisory": "GHSA-f984-3wx8-grp9", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "xuexueli", "product": "xxl-rpc", "versions": [{"status": "affected", "version": "<= 1.7.0"}]}], "references": [{"url": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/", "name": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once deserialized, force it to execute arbitrary code. This can be abused to take control of the machine the server is running by way of remote code execution. This issue has not been fixed."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-18T21:56:55.614Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45146", "state": "PUBLISHED", "dateUpdated": "2024-08-29T17:09:23.119Z", "dateReserved": "2023-10-04T16:02:46.330Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-10-18T21:56:55.614Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xxl-rpc_project:xxl-rpc:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9AF588F-3BB3-421A-9FEB-A1EACED79D2A", "versionEndIncluding": "1.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once deserialized, force it to execute arbitrary code. This can be abused to take control of the machine the server is running by way of remote code execution. This issue has not been fixed."}, {"lang": "es", "value": "XXL-RPC es un framework RPC distribuido de alto rendimiento. Con \u00e9l, se puede configurar un servidor TCP utilizando el marco Netty y el mecanismo de serializaci\u00f3n de Hesse. Cuando se utiliza dicha configuraci\u00f3n, los atacantes pueden conectarse al servidor y proporcionar objetos serializados maliciosos que, una vez deseriaizados, lo obligan a ejecutar c\u00f3digo arbitrario. Se puede abusar de esto para tomar el control de la m\u00e1quina que ejecuta el servidor mediante la ejecuci\u00f3n remota de c\u00f3digo. Este problema no se ha solucionado."}], "id": "CVE-2023-45146", "lastModified": "2023-10-30T14:14:07.753", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-18T22:15:09.323", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2023-052_XXL-RPC/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-502"}], "source": "security-advisories@github.com", "type": "Secondary"}]}