CVE-2023-45152 - Vulnerability Details - OpenCVE

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00021.

Key SSVC decision points have not yet been added.

Vendors	Products
Engelsystem	Engelsystem

Configuration 1 [-]

cpe:2.3:a:engelsystem:engelsystem:*:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295
https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-16T23:34:28.735Z

Updated: 2024-09-13T20:11:31.632Z

Reserved: 2023-10-04T16:02:46.331Z

Link: CVE-2023-45152

Vulnrichment

Updated: 2024-08-02T20:14:19.046Z

NVD

Status : Modified

Published: 2023-10-17T00:15:11.140

Modified: 2024-11-21T08:26:27.290

Link: CVE-2023-45152

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45152", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-04T16:02:46.331Z", "datePublished": "2023-10-16T23:34:28.735Z", "dateUpdated": "2024-09-13T20:11:31.632Z"}, "containers": {"cna": {"title": "Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf"}, {"name": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "tags": ["x_refsource_MISC"], "url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295"}], "affected": [{"vendor": "engelsystem", "product": "engelsystem", "versions": [{"version": "< ee7d30b33", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-16T23:34:28.735Z"}, "descriptions": [{"lang": "en", "value": "Engelsystem is a shift planning system for chaos events. A Blind SSRF in the \"Import schedule\" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication."}], "source": {"advisory": "GHSA-jj9g-75wf-6ppf", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:14:19.046Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf"}, {"name": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-13T20:11:12.533591Z", "id": "CVE-2023-45152", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-13T20:11:31.632Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "name": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:14:19.046Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-45152", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-13T20:11:12.533591Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-13T20:11:25.866Z"}}], "cna": {"title": "Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem", "source": {"advisory": "GHSA-jj9g-75wf-6ppf", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "engelsystem", "product": "engelsystem", "versions": [{"status": "affected", "version": "< ee7d30b33"}]}], "references": [{"url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "name": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "name": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Engelsystem is a shift planning system for chaos events. A Blind SSRF in the \"Import schedule\" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-16T23:34:28.735Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45152", "state": "PUBLISHED", "dateUpdated": "2024-09-13T20:11:31.632Z", "dateReserved": "2023-10-04T16:02:46.331Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-10-16T23:34:28.735Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:engelsystem:engelsystem:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0F10C38-ED39-422A-8507-FA4099FAEE32", "versionEndExcluding": "2023-09-18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Engelsystem is a shift planning system for chaos events. A Blind SSRF in the \"Import schedule\" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that no HTTP(s) services listen on localhost and/or systems only reachable from the host running the engelsystem software. If such services are necessary, they should utilize additional authentication."}, {"lang": "es", "value": "Engelsystem es un sistema de planificaci\u00f3n de turnos para eventos de caos. Un Blind SSRF en la funcionalidad \"Import schedule\" permite realizar una exploraci\u00f3n de puertos en el entorno local. Esta vulnerabilidad se ha solucionado en el commit ee7d30b33. Si no se puede implementar un parche, los operadores deben asegurarse de que ning\u00fan servicio HTTP escuche en el host local y/o en sistemas a los que solo se pueda acceder desde el host que ejecuta el software engelsystem. Si dichos servicios son necesarios, deber\u00edan utilizar autenticaci\u00f3n adicional."}], "id": "CVE-2023-45152", "lastModified": "2024-11-21T08:26:27.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-17T00:15:11.140", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/engelsystem/engelsystem/commit/ee7d30b33935ea001705f438fec8ffd05734f295"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/engelsystem/engelsystem/security/advisories/GHSA-jj9g-75wf-6ppf"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}]}