CVE-2023-2534
Published 2023-05-08
CVE-2023-2534: Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as Agent authenticated attacker to track user behaviour and to gain…
Priority: P3 47 · Severity: high · CVSS 3.1 base score: 8.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.53% (40.5th percentile)
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any attacker authenticated as an Agent to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names, e.g. via ticket histories, by any user (fuzzing for garnering other adjacent user/sensitive data). Subscribing to all possible push events could also lead to performance implications on the server side, depending on the size of the installation and the number of active users (flooding). This issue affects OTRS: from 8.0.X before 8.0.32.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| otrs | otrs | >= 8.0.0 < 8.0.32 | 8.0.32 |
| otrs_ag | otrs | >= 8.0.x < 8.0.32 | 8.0.32 |
No detection rules found.
Nuclei
CVE-2023-43654 [CRITICAL] PyTorch TorchServe SSRF (nuclei · CVSS 9.8)
TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and sensitive data. This issue is present in versions 0.1.0 to 0.8.1. A user is able to load the model of their choice from any URL that they would like to use. The user of TorchServe is responsible for configuring both the allowed_urls and specifying the model URL to be used. A pull request to warn the user when the default value for allowed_urls is used has been merged in PR #2534. TorchServe release 0.8.2 includes this change. Users are advised to upgrade.
No writeups or analysis indexed.