{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5590", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntrdev", "dateReserved": "2023-10-15T22:13:53.229Z", "datePublished": "2023-10-15T22:14:03.767Z", "dateUpdated": "2024-09-16T20:00:02.076Z"}, "containers": {"cna": {"title": "NULL Pointer Dereference in seleniumhq/selenium", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev", "dateUpdated": "2023-10-15T22:14:03.767Z"}, "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0."}], "affected": [{"vendor": "seleniumhq", "product": "seleniumhq/selenium", "versions": [{"version": "unspecified", "lessThan": "4.14.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-476 NULL Pointer Dereference", "cweId": "CWE-476"}]}], "source": {"advisory": "e268cd68-4f34-49bd-878b-82b96dcc0c99", "discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:07:31.897Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99", "tags": ["x_transferred"]}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-16T19:59:51.174252Z", "id": "CVE-2023-5590", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-16T20:00:02.076Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99", "tags": ["x_transferred"]}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:07:31.897Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5590", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-16T19:59:51.174252Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-16T19:59:57.420Z"}}], "cna": {"title": "NULL Pointer Dereference in seleniumhq/selenium", "source": {"advisory": "e268cd68-4f34-49bd-878b-82b96dcc0c99", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "seleniumhq", "product": "seleniumhq/selenium", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "4.14.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}, {"url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}], "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev", "dateUpdated": "2023-10-15T22:14:03.767Z"}}}, "cveMetadata": {"cveId": "CVE-2023-5590", "state": "PUBLISHED", "dateUpdated": "2024-09-16T20:00:02.076Z", "dateReserved": "2023-10-15T22:13:53.229Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2023-10-15T22:14:03.767Z", "assignerShortName": "@huntrdev"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:selenium:selenium:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7F99E6A-73B9-4154-BCC9-93421E29945A", "versionEndExcluding": "4.14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0."}, {"lang": "es", "value": "Eliminaci\u00f3n de referencia del puntero NULL en el repositorio de GitHub seleniumhq/selenium anterior a 4.14.0."}], "id": "CVE-2023-5590", "lastModified": "2023-10-19T11:07:40.070", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-15T23:15:44.857", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "security@huntr.dev", "type": "Primary"}]}

{"bugzilla": {"description": "selenium: potential null pointer access in CookieManager", "id": "2244345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244345"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.", "A null pointer dereference flaw was found in Selenium IEDriver. This issue causes the driver to crash when selenium gets the cookies from an attacker controlled page, which could leave the application unavailable."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently known for the IE Driver. If possible, opt for another browser driver."}, "name": "CVE-2023-5590", "package_state": [{"cpe": "cpe:/a:redhat:service_registry:2", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat build of Apicurio Registry"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "selenium", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat JBoss Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "selenium", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Will not fix", "impact": "low", "package_name": "selenium", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2023-10-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-5590\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-5590\nhttps://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6"], "statement": "Successful exploitation of this issue depends on the IE Driver being used and also available to the external malicious user to redirect to a malicious page in order to consume a malicious cookie that may crash the environment. Therefore, this flaw is rated as having a Moderate impact. \nRed Hat Single Sign-On uses part of the integration tests only, therefore, it is rated as a Low impact.", "threat_severity": "Moderate", "upstream_fix": "selenium 4.14.1"}