CVE-2023-46245

Exploit

EPSS 1.47%
Veröffentlicht 31.10.2023 16:15:09
Zuletzt bearbeitet 21.11.2024 08:28:09
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File

Kimai is a web-based multi-user time-tracking application. Versions prior to 2.1.0 are vulnerable to a Server-Side Template Injection (SSTI) which can be escalated to Remote Code Execution (RCE). The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the software's PDF and HTML rendering functionalities. Version 2.1.0 enables security measures for custom Twig templates.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Kimai ≫ Kimai Version <= 2.10

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.47%	0.703

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
security-advisories@github.com	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine

The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.

https://github.com/kimai/kimai/commit/38e37f1c2e91e1acb221ec5c13f11b735bd50ae4

https://github.com/kimai/kimai/security/advisories/GHSA-fjhg-96cp-6fcw

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-46245

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-46245

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-46245

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-46245