CVE-2023-28853

Exploit

EPSS 1.28%
Veröffentlicht 04.04.2023 22:15:08
Zuletzt bearbeitet 21.11.2024 07:56:09
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Mastodon's blind LDAP injection in login allows the attacker to leak arbitrary attributes from LDAP database

Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Starting in version 2.5.0 and prior to versions 3.5.8, 4.0.4, and 4.1.2, the LDAP query made during login is insecure and the attacker can perform LDAP injection attack to leak arbitrary attributes from LDAP database. This issue is fixed in versions 3.5.8, 4.0.4, and 4.1.2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 11

NVD 3 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Joinmastodon ≫ Mastodon Version >= 2.5.0 < 3.5.8

Joinmastodon ≫ Mastodon Version >= 4.0.0 < 4.0.4

Joinmastodon ≫ Mastodon Version >= 4.1.0 < 4.1.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.28%	0.662

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
security-advisories@github.com	7.7	3.1	4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.

http://www.openwall.com/lists/oss-security/2023/07/06/6

https://github.com/mastodon/mastodon/blob/94cbd808b5b3e7999c7e77dc724b7e8c9dd2bdec/app/models/concerns/ldap_authenticable.rb#L7-L14

Product

https://github.com/mastodon/mastodon/blob/94cbd808b5b3e7999c7e77dc724b7e8c9dd2bdec/config/initializers/devise.rb#L398-L414

Product

https://github.com/mastodon/mastodon/pull/24379

Patch

https://github.com/mastodon/mastodon/releases/tag/v3.5.8

Release Notes

https://github.com/mastodon/mastodon/releases/tag/v4.0.4

Release Notes

https://github.com/mastodon/mastodon/releases/tag/v4.1.2

Release Notes

https://github.com/mastodon/mastodon/security/advisories/GHSA-38g9-pfm9-gfqv

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-28853

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-28853

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-28853

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-28853