CVE-2022-46405

Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://borg.social/notes/98bcoo2t1n	Issue Tracking Third Party Advisory
https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A	Exploit Issue Tracking Third Party Advisory
https://borg.social/notes/98bcoo2t1n	Issue Tracking Third Party Advisory
https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A	Exploit Issue Tracking Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:30

Type	Values Removed	Values Added
References	~~() https://borg.social/notes/98bcoo2t1n - Issue Tracking, Third Party Advisory~~	() https://borg.social/notes/98bcoo2t1n - Issue Tracking, Third Party Advisory
References	~~() https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A - Exploit, Issue Tracking, Third Party Advisory~~	() https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A - Exploit, Issue Tracking, Third Party Advisory

Information

Published : 2022-12-04 04:15

Updated : 2024-11-21 07:30

NVD link : CVE-2022-46405

Mitre link : CVE-2022-46405

CVE.ORG link : CVE-2022-46405

JSON object : View

Products Affected

joinmastodon

mastodon

CWE

CWE-674

Uncontrolled Recursion

{"id": "CVE-2022-46405", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-12-04T04:15:09.380", "references": [{"url": "https://borg.social/notes/98bcoo2t1n", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://borg.social/notes/98bcoo2t1n", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://hackmd.io/rD9nsTz1QeuPT-erxqjY-A", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-674"}]}], "descriptions": [{"lang": "en", "value": "Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages."}, {"lang": "es", "value": "Mastodon hasta 4.0.2 permite a los atacantes provocar una Denegaci\u00f3n de Servicio (DoS) (gran cola de extracci\u00f3n de Sidekiq) mediante la creaci\u00f3n de cuentas de bot que siguen cuentas controladas por el atacante en ciertos otros servidores asociados con un registro DNS A comod\u00edn, de modo que existe una recursi\u00f3n incontrolada de mensajes generados por el atacante."}], "lastModified": "2024-11-21T07:30:32.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11AE4FBF-5DF3-49F0-AAF4-6EB04F94C222", "versionEndIncluding": "4.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}