CVE-2023-5590 - Vulnerability Details - OpenCVE

NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00197.

Key SSVC decision points have not yet been added.

Vendors	Products
Selenium Subscribe	Selenium Subscribe

Configuration 1 [-]

cpe:2.3:a:selenium:selenium:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-0238	NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6
https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99
https://nvd.nist.gov/vuln/detail/CVE-2023-5590
https://www.cve.org/CVERecord?id=CVE-2023-5590

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: @huntrdev

Published: 2023-10-15T22:14:03.767Z

Updated: 2024-09-16T20:00:02.076Z

Reserved: 2023-10-15T22:13:53.229Z

Link: CVE-2023-5590

Vulnrichment

Updated: 2024-08-02T08:07:31.897Z

NVD

Status : Modified

Published: 2023-10-15T23:15:44.857

Modified: 2024-11-21T08:42:05.050

Link: CVE-2023-5590

Redhat

Severity : Moderate

Publid Date: 2023-10-16T00:00:00Z

Links: CVE-2023-5590 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-476

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5590", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntrdev", "dateReserved": "2023-10-15T22:13:53.229Z", "datePublished": "2023-10-15T22:14:03.767Z", "dateUpdated": "2024-09-16T20:00:02.076Z"}, "containers": {"cna": {"title": "NULL Pointer Dereference in seleniumhq/selenium", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev", "dateUpdated": "2023-10-15T22:14:03.767Z"}, "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0."}], "affected": [{"vendor": "seleniumhq", "product": "seleniumhq/selenium", "versions": [{"version": "unspecified", "lessThan": "4.14.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-476 NULL Pointer Dereference", "cweId": "CWE-476"}]}], "source": {"advisory": "e268cd68-4f34-49bd-878b-82b96dcc0c99", "discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:07:31.897Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99", "tags": ["x_transferred"]}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-16T19:59:51.174252Z", "id": "CVE-2023-5590", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-16T20:00:02.076Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99", "tags": ["x_transferred"]}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:07:31.897Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5590", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-16T19:59:51.174252Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-16T19:59:57.420Z"}}], "cna": {"title": "NULL Pointer Dereference in seleniumhq/selenium", "source": {"advisory": "e268cd68-4f34-49bd-878b-82b96dcc0c99", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "seleniumhq", "product": "seleniumhq/selenium", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "4.14.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}], "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev", "dateUpdated": "2023-10-15T22:14:03.767Z"}}}, "cveMetadata": {"cveId": "CVE-2023-5590", "state": "PUBLISHED", "dateUpdated": "2024-09-16T20:00:02.076Z", "dateReserved": "2023-10-15T22:13:53.229Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2023-10-15T22:14:03.767Z", "assignerShortName": "@huntrdev"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:selenium:selenium:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7F99E6A-73B9-4154-BCC9-93421E29945A", "versionEndExcluding": "4.14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0."}, {"lang": "es", "value": "Eliminaci\u00f3n de referencia del puntero NULL en el repositorio de GitHub seleniumhq/selenium anterior a 4.14.0."}], "id": "CVE-2023-5590", "lastModified": "2024-11-21T08:42:05.050", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-15T23:15:44.857", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "security@huntr.dev", "type": "Secondary"}]}

{"bugzilla": {"description": "selenium: potential null pointer access in CookieManager", "id": "2244345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244345"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.", "A null pointer dereference flaw was found in Selenium IEDriver. This issue causes the driver to crash when selenium gets the cookies from an attacker controlled page, which could leave the application unavailable."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently known for the IE Driver. If possible, opt for another browser driver."}, "name": "CVE-2023-5590", "package_state": [{"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:service_registry:2", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat build of Apicurio Registry 2"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Integration Camel Quarkus 2"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "selenium", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "selenium", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2023-10-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-5590\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-5590\nhttps://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"], "statement": "Successful exploitation of this issue depends on the IE Driver being used and also available to the external malicious user to redirect to a malicious page in order to consume a malicious cookie that may crash the environment. Therefore, this flaw is rated as having a Moderate impact. \nRed Hat Single Sign-On uses part of the integration tests only, therefore, it is rated as a Low impact.", "threat_severity": "Moderate"}