CVE-2023-45725
Severity
5.7 MEDIUM
EPSS
0.2%
top 55.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Dec 13
Description
Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document.
These design document functions are:
* list
* show
* rewrite
* update
An attacker can leak the session component using an HTML-like output, insert the session as an external resource (such as an image), or store the credential in a _local document with an "update" function.
For the attack to succeed the attacker has to be able to insert t…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.1 | Impact: 3.6
Affected Packages: 3 packages
Patches
Vulnerability Details
GHSA
GHSA-rmfx-8gmj-c39q: Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the doc (2023-12-13)
OSV
CVE-2023-45725: Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the doc (2023-12-13)