CVE-2023-35030

Cross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:liferay:dxp:7.4:update_70::::::
	cpe:2.3:a:liferay:dxp:7.4:update_71::::::
	cpe:2.3:a:liferay:dxp:7.4:update_72::::::
	cpe:2.3:a:liferay:dxp:7.4:update_73::::::
	cpe:2.3:a:liferay:dxp:7.4:update_74::::::
	cpe:2.3:a:liferay:dxp:7.4:update_75::::::
	cpe:2.3:a:liferay:dxp:7.4:update_76::::::
	cpe:2.3:a:liferay:liferay_portal::::::::

History

22 Jun 2023, 16:52

Type	Values Removed	Values Added
First Time		Liferay Liferay liferay Portal Liferay dxp
CWE		CWE-352
CPE		cpe:2.3:a:liferay:dxp:7.4:update_76:::::: cpe:2.3:a:liferay:dxp:7.4:update_73:::::: cpe:2.3:a:liferay:dxp:7.4:update_75:::::: cpe:2.3:a:liferay:dxp:7.4:update_71:::::: cpe:2.3:a:liferay:dxp:7.4:update_72:::::: cpe:2.3:a:liferay:dxp:7.4:update_70:::::: cpe:2.3:a:liferay:dxp:7.4:update_74:::::: cpe:2.3:a:liferay:liferay_portal::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
References	~~(MISC) https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030 -~~	(MISC) https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030 - Patch, Vendor Advisory

15 Jun 2023, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-15 05:15

Updated : 2024-02-28 20:13

NVD link : CVE-2023-35030

Mitre link : CVE-2023-35030

CVE.ORG link : CVE-2023-35030

JSON object : View

Products Affected

liferay

dxp
liferay_portal

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2023-35030", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security@liferay.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-06-15T05:15:09.857", "references": [{"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030", "tags": ["Patch", "Vendor Advisory"], "source": "security@liferay.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}, {"type": "Secondary", "source": "security@liferay.com", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter."}], "lastModified": "2023-06-22T16:52:17.993", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_70:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A210A40-99B5-40D6-BBB8-E0E30FADED2E"}, {"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_71:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9ED1C984-729C-4994-B041-12AD82ABB7FB"}, {"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_72:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "998F01FB-913B-4224-8413-D62ACCF570E7"}, {"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_73:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F18E6353-E96E-4FD6-8CEE-28A30C70AC82"}, {"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_74:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6102A1C7-26E5-4830-A87F-C7142671261E"}, {"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_75:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57374266-D3DA-4E50-8B4B-19ED8343AC9D"}, {"criteria": "cpe:2.3:a:liferay:dxp:7.4:update_76:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93CCCAAE-8B59-4F59-91E9-860F4313521C"}, {"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9014083-2E75-4403-9C1D-C4F07C8DB877", "versionEndExcluding": "7.4.3.77", "versionStartIncluding": "7.4.3.70"}], "operator": "OR"}]}], "sourceIdentifier": "security@liferay.com"}