CVE-2023-49299 - OpenCVE

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9. Users are recommended to upgrade to version 3.1.9, which fixes the issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Dolphinscheduler

Configuration 1 [-]

cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2024/02/23/3
https://github.com/apache/dolphinscheduler/pull/15228
https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-12-30T16:27:12.045Z

Updated: 2024-08-26T20:23:11.080Z

Reserved: 2023-11-26T10:03:26.679Z

Link: CVE-2023-49299

Vulnrichment

Updated: 2024-08-02T21:53:44.985Z

NVD

Status : Modified

Published: 2023-12-30T17:15:07.870

Modified: 2024-08-26T21:35:02.680

Link: CVE-2023-49299

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-49299", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-11-26T10:03:26.679Z", "datePublished": "2023-12-30T16:27:12.045Z", "dateUpdated": "2024-08-26T20:23:11.080Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache DolphinScheduler", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "3.1.9", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Eluen Siebene"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Input Validation vulnerability in Apache DolphinScheduler. An <span style=\"background-color: rgb(255, 255, 255);\">authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.</span><p>This issue affects Apache DolphinScheduler: until 3.1.9.</p><p>Users are recommended to upgrade to version 3.1.9, which fixes the issue.</p>"}], "value": "Improper Input Validation vulnerability in Apache DolphinScheduler. An\u00a0authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9.\n\nUsers are recommended to upgrade to version 3.1.9, which fixes the issue.\n\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-12-30T16:30:17.905Z"}, "references": [{"tags": ["patch"], "url": "https://github.com/apache/dolphinscheduler/pull/15228"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/23/3"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache DolphinScheduler: Arbitrary js execute as root for authenticated users", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:53:44.985Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/apache/dolphinscheduler/pull/15228"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/23/3", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-20", "lang": "en", "description": "CWE-20 Improper Input Validation"}]}], "affected": [{"vendor": "apache", "product": "dolphinscheduler", "cpes": ["cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "3.1.9", "versionType": "semver"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-26T20:21:55.529873Z", "id": "CVE-2023-49299", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T20:23:11.080Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/apache/dolphinscheduler/pull/15228", "tags": ["patch", "x_transferred"]}, {"url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/23/3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:53:44.985Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-49299", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-26T20:21:55.529873Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*"], "vendor": "apache", "product": "dolphinscheduler", "versions": [{"status": "affected", "version": "0", "lessThan": "3.1.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T20:22:22.145Z"}}], "cna": {"title": "Apache DolphinScheduler: Arbitrary js execute as root for authenticated users", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Eluen Siebene"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "important"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache DolphinScheduler", "versions": [{"status": "affected", "version": "0", "lessThan": "3.1.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/apache/dolphinscheduler/pull/15228", "tags": ["patch"]}, {"url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/23/3"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Improper Input Validation vulnerability in Apache DolphinScheduler. An\u00a0authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9.\n\nUsers are recommended to upgrade to version 3.1.9, which fixes the issue.\n\n", "supportingMedia": [{"type": "text/html", "value": "Improper Input Validation vulnerability in Apache DolphinScheduler. An <span style=\"background-color: rgb(255, 255, 255);\">authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.</span><p>This issue affects Apache DolphinScheduler: until 3.1.9.</p><p>Users are recommended to upgrade to version 3.1.9, which fixes the issue.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-12-30T16:30:17.905Z"}}}, "cveMetadata": {"cveId": "CVE-2023-49299", "state": "PUBLISHED", "dateUpdated": "2024-08-26T20:23:11.080Z", "dateReserved": "2023-11-26T10:03:26.679Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-12-30T16:27:12.045Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BB663DF-FACA-4A16-9DBD-6D7295136208", "versionEndExcluding": "3.1.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Input Validation vulnerability in Apache DolphinScheduler. An\u00a0authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server.This issue affects Apache DolphinScheduler: until 3.1.9.\n\nUsers are recommended to upgrade to version 3.1.9, which fixes the issue.\n\n"}, {"lang": "es", "value": "Vulnerabilidad de validaci\u00f3n de entrada incorrecta en Apache DolphinScheduler. Un usuario autenticado puede hacer que se ejecute javascript arbitrario y sin espacio aislado en el servidor. Este problema afecta a Apache DolphinScheduler: hasta 3.1.9. Se recomienda a los usuarios actualizar a la versi\u00f3n 3.1.9, que soluciona el problema."}], "id": "CVE-2023-49299", "lastModified": "2024-08-26T21:35:02.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-12-30T17:15:07.870", "references": [{"source": "security@apache.org", "url": "http://www.openwall.com/lists/oss-security/2024/02/23/3"}, {"source": "security@apache.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/apache/dolphinscheduler/pull/15228"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/tnf99qoc6tlnwrny4t1zk6mfszgdsokm"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}