CVE-2023-41877

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A path traversal vulnerability in versions 2.23.4 and prior requires GeoServer Administrator with access to the admin console to misconfigure the Global Settings for log file location to an arbitrary location. The admin console GeoServer Logs page provides a preview of these contents. As this issue requires GeoServer administrators access, often representing a trusted party, the vulnerability has not received a patch as of time of publication. As a workaround, a system administrator responsible for running GeoServer can use the `GEOSERVER_LOG_FILE` setting to override any configuration option provided by the Global Settings page. The `GEOSERVER_LOG_LOCATION` parameter can be set as system property, environment variables, or servlet context parameters.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.geoserver.org/latest/en/user/configuration/globalsettings.html#log-location
https://github.com/geoserver/geoserver/security/advisories/GHSA-8g7v-vjrc-x4g5
https://docs.geoserver.org/latest/en/user/configuration/globalsettings.html#log-location
https://github.com/geoserver/geoserver/security/advisories/GHSA-8g7v-vjrc-x4g5

Configurations

No configuration.

History

21 Nov 2024, 08:21

Type	Values Removed	Values Added
References	~~() https://docs.geoserver.org/latest/en/user/configuration/globalsettings.html#log-location -~~	() https://docs.geoserver.org/latest/en/user/configuration/globalsettings.html#log-location -
References	~~() https://github.com/geoserver/geoserver/security/advisories/GHSA-8g7v-vjrc-x4g5 -~~	() https://github.com/geoserver/geoserver/security/advisories/GHSA-8g7v-vjrc-x4g5 -
Summary		(es) GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. Una vulnerabilidad de path traversal en las versiones 2.23.4 y anteriores requiere que el administrador de GeoServer con acceso a la consola de administración configure incorrectamente la configuración global para la ubicación del archivo de registro en una ubicación arbitraria. La página de registros de GeoServer de la consola de administración proporciona una vista previa de estos contenidos. Como este problema requiere el acceso de los administradores de GeoServer, que a menudo representan una parte de confianza, la vulnerabilidad no ha recibido un parche al momento de la publicación. Como workaround, un administrador de sistema responsable de ejecutar GeoServer puede usar la configuración `GEOSERVER_LOG_FILE` para anular cualquier opción de configuración proporcionada por la página de configuración global. El parámetro `GEOSERVER_LOG_LOCATION` se puede configurar como propiedad del sistema, variables de entorno o parámetros de contexto de servlet.

20 Mar 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-20 15:15

Updated : 2024-11-21 08:21

NVD link : CVE-2023-41877

Mitre link : CVE-2023-41877

CVE.ORG link : CVE-2023-41877

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.2 /10