ghsa-24f5-5fmf-pwmc
Vulnerability from github
Published
2023-10-19 09:30
Modified
2024-04-04 08:47
Severity ?
Details
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes could be deserialized.
Specifically, an application is vulnerable if
-
the SimpleMessageConverter or SerializerMessageConverter is used
-
the user does not configure allowed list patterns
-
untrusted message originators gain permissions to write messages to the RabbitMQ broker to send malicious content
{ "affected": [], "aliases": [ "CVE-2023-34050" ], "database_specific": { "cwe_ids": [ "CWE-502" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-10-19T08:15:08Z", "severity": "MODERATE" }, "details": "\n\n\n\n\n\n\n\n\n\nIn spring AMQP versions 1.0.0 to\n2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class\nnames were added to Spring AMQP, allowing users to lock down deserialization of\ndata in messages from untrusted sources; however by default, when no allowed\nlist was provided, all classes could be deserialized.\n\n\n\nSpecifically, an application is\nvulnerable if\n\n\n\n\n * the\n SimpleMessageConverter or SerializerMessageConverter is used\n\n * the user\n does not configure allowed list patterns\n\n * untrusted\n message originators gain permissions to write messages to the RabbitMQ\n broker to send malicious content\n\n\n\n\n\n\n\n\n\n", "id": "GHSA-24f5-5fmf-pwmc", "modified": "2024-04-04T08:47:08Z", "published": "2023-10-19T09:30:18Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34050" }, { "type": "WEB", "url": "https://spring.io/security/cve-2023-34050" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.