CVE-2023-46851

CWE-20 — Improper Input Validation CWE-73 CWE-200 — Information Exposure3 documents3 sources

Severity

4.9MEDIUM

EPSS

0.3%

top 48.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Allura Apache Software Foundation Apache Allura

Timeline

PublishedNov 7

Latest updateNov 15

Description

Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution. This issue affects Apache Allura from 1.0.1 through 1.15.0. Users are recommended to upgrade to version 1.16.0, which fixes the issue. If you are unable to upgrade, set "disable_entry…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

▶NVDapache/allura1.0.1 — 1.16.0

▶CVEListV5apache_software_foundation/apache_allura1.0.1 — 1.15.0

Patches

Patch: allura.apache.org ↗Patch: allura.apache.org ↗

🔴Vulnerability Details

GHSA

GHSA-7f2c-c54p-7m36: Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments↗2023-11-15

▶

CVEList

Apache Allura: sensitive information exposure via import↗2023-11-07

▶