CVE-2023-35853 — Code Injection in Suricata

CWE-94 — Code Injection5 documents5 sources

Severity

9.8CRITICALNVD

EPSS

0.7%

top 28.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oisf Suricata

Timeline

PublishedJun 19

Description

In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDoisf/suricata< 6.0.13

▶Debianoisf/suricata< 1:6.0.13-1+1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

CVE-2023-35853: In Suricata before 6↗2023-06-19

▶

GHSA

GHSA-42j3-j7r2-vj2g: In Suricata before 6↗2023-06-19

▶

OSV

CVE-2023-35853: In Suricata before 6↗2023-06-19

▶

📋Vendor Advisories

Debian

CVE-2023-35853: suricata - In Suricata before 6.0.13, an adversary who controls an external source of Lua r...↗2023

▶