CVE-2023-1304

Published Mar 21, 2023

Last updated a year ago

Overview

Description: An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.
Source: cve@rapid7.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-94
cve@rapid7.com: CWE-94

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:rapid7:insightappsec:*:*:*:*:self-managed:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65FCB38E-8FDE-43D4-A62E-BBAD43FFBC97",
            "versionEndExcluding": "23.2.1"
          },
          {
            "criteria": "cpe:2.3:a:rapid7:insightcloudsec:*:*:*:*:managed:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2005649C-D913-4281-9E35-6E342C7E6D21",
            "versionEndExcluding": "2023.02.01"
          },
          {
            "criteria": "cpe:2.3:a:rapid7:insightcloudsec:*:*:*:*:saas:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D88FD323-9DA9-497D-BC99-F30C66E33096",
            "versionEndExcluding": "2023.02.01"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References