CVE-2023-46745 - Vulnerability Details - OpenCVE

Description

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user accounts. This issue has been addressed in version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Published: 2023-11-17

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

librenms

librenms

affected

Version	Status	Constraints
`< 23.11.0`	affected	—

Configuration 1 [-]

cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-rq42-58qf-v3qx	LibreNMS vulnerable to rate limiting bypass on login page

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00008.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx

History

No history.

Subscriptions

Librenms Librenms

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-11-17T21:42:43.134Z

Updated: 2024-08-29T14:09:05.812Z

Reserved: 2023-10-25T14:30:33.753Z

Link: CVE-2023-46745

Vulnrichment

Updated: 2024-08-02T20:53:21.168Z

NVD

Status : Modified

Published: 2023-11-17T22:15:07.633

Modified: 2024-11-21T08:29:12.850

Link: CVE-2023-46745

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-307

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-46745", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-10-25T14:30:33.753Z", "datePublished": "2023-11-17T21:42:43.134Z", "dateUpdated": "2024-08-29T14:09:05.812Z"}, "containers": {"cna": {"title": "Rate limiting Bypass on login page in libreNMS", "problemTypes": [{"descriptions": [{"cweId": "CWE-307", "lang": "en", "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx"}], "affected": [{"vendor": "librenms", "product": "librenms", "versions": [{"version": "< 23.11.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-11-17T21:42:43.134Z"}, "descriptions": [{"lang": "en", "value": "LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user accounts. This issue has been addressed in version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-rq42-58qf-v3qx", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:53:21.168Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-29T14:08:45.853945Z", "id": "CVE-2023-46745", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T14:09:05.812Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx", "name": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:53:21.168Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-46745", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-29T14:08:45.853945Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T14:09:01.031Z"}}], "cna": {"title": "Rate limiting Bypass on login page in libreNMS", "source": {"advisory": "GHSA-rq42-58qf-v3qx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "librenms", "product": "librenms", "versions": [{"status": "affected", "version": "< 23.11.0"}]}], "references": [{"url": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx", "name": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user accounts. This issue has been addressed in version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-307", "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-11-17T21:42:43.134Z"}}}, "cveMetadata": {"cveId": "CVE-2023-46745", "state": "PUBLISHED", "dateUpdated": "2024-08-29T14:09:05.812Z", "dateReserved": "2023-10-25T14:30:33.753Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-11-17T21:42:43.134Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*", "matchCriteriaId": "24B09F58-7CE2-470F-8F5B-6771753682A6", "versionEndExcluding": "23.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user accounts. This issue has been addressed in version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "LibreNMS es un monitor de red basado en PHP/MySQL/SNMP con descubrimiento autom\u00e1tico que incluye soporte para una amplia gama de hardware de red y sistemas operativos. En las versiones afectadas, el m\u00e9todo de inicio de sesi\u00f3n no tiene l\u00edmite de velocidad. Un atacante puede aprovechar esta vulnerabilidad para obtener acceso a las cuentas de los usuarios. Este problema se solucion\u00f3 en la versi\u00f3n 23.11.0. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}], "id": "CVE-2023-46745", "lastModified": "2024-11-21T08:29:12.850", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-17T22:15:07.633", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-307"}], "source": "security-advisories@github.com", "type": "Secondary"}]}