CVE-2023-6267

A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:0494
https://access.redhat.com/errata/RHSA-2024:0495
https://access.redhat.com/security/cve/CVE-2023-6267	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2251155	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:quarkus:quarkus::::::::
	cpe:2.3:a:quarkus:quarkus::::::::
	cpe:2.3:a:quarkus:quarkus:2.13.9:-::::::
	cpe:2.3:a:quarkus:quarkus:3.2.9:-::::::

History

17 Feb 2024, 10:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:0495 - () https://access.redhat.com/errata/RHSA-2024:0494 -

31 Jan 2024, 17:17

Type	Values Removed	Values Added
CPE		cpe:2.3:a:quarkus:quarkus:2.13.9:-:::::: cpe:2.3:a:quarkus:quarkus:::::::: cpe:2.3:a:quarkus:quarkus:3.2.9:-::::::
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2251155 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2251155 - Issue Tracking, Vendor Advisory
References	~~() https://access.redhat.com/security/cve/CVE-2023-6267 -~~	() https://access.redhat.com/security/cve/CVE-2023-6267 - Vendor Advisory
CWE		CWE-755
First Time		Quarkus quarkus Quarkus
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8

25 Jan 2024, 19:28

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-25 19:15

Updated : 2024-02-28 20:54

NVD link : CVE-2023-6267

Mitre link : CVE-2023-6267

CVE.ORG link : CVE-2023-6267

JSON object : View

Products Affected

quarkus

quarkus

CWE

CWE-755

Improper Handling of Exceptional Conditions

CWE-280

Improper Handling of Insufficient Permissions or Privileges

{"id": "CVE-2023-6267", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 3.9}]}, "published": "2024-01-25T19:15:08.260", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:0494", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0495", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6267", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251155", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-755"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-280"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en el payload json. Si se utiliza seguridad basada en anotaciones para proteger un recurso REST, el cuerpo JSON que el recurso puede consumir se procesa (deserializa) antes de que se eval\u00faen y apliquen las restricciones de seguridad. Esto no sucede con la seguridad basada en configuraci\u00f3n."}], "lastModified": "2024-02-17T10:15:07.890", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B27FE57-901A-496C-B2C1-F647C91E7B51", "versionEndExcluding": "2.13.9"}, {"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDE831ED-C431-4CCF-AB2D-67BBC88FAE4D", "versionEndExcluding": "3.2.9", "versionStartIncluding": "3.0.0"}, {"criteria": "cpe:2.3:a:quarkus:quarkus:2.13.9:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF6EB005-F254-47A9-B963-E1AD508F55FB"}, {"criteria": "cpe:2.3:a:quarkus:quarkus:3.2.9:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCA0123C-E209-4037-A021-A3B95305A453"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}