CVE-2023-48225 (GCVE-0-2023-48225)
Vulnerability from cvelistv5
Published
2023-12-12 20:33
Modified
2024-08-02 21:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the control of LAF app enV is not strict enough, and in certain scenarios of privatization environment, it may lead to sensitive information leakage in secret and configmap. In ES6 syntax, if an obj directly references another obj, the name of the obj itself will be used as the key, and the entire object structure will be integrated intact. When constructing the deployment instance of the app, env was found from the database and directly inserted into the template, resulting in controllability here. Sensitive information in the secret and configmap can be read through the k8s envFrom field. In a privatization environment, when `namespaceConf. fixed` is marked, it may lead to the leakage of sensitive information in the system. As of time of publication, it is unclear whether any patches or workarounds exist.
References
| URL | Tags | |
|---|---|---|
|
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp"
},
{
"name": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50"
},
{
"name": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "laf",
"vendor": "labring",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-beta13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the control of LAF app enV is not strict enough, and in certain scenarios of privatization environment, it may lead to sensitive information leakage in secret and configmap. In ES6 syntax, if an obj directly references another obj, the name of the obj itself will be used as the key, and the entire object structure will be integrated intact. When constructing the deployment instance of the app, env was found from the database and directly inserted into the template, resulting in controllability here. Sensitive information in the secret and configmap can be read through the k8s envFrom field. In a privatization environment, when `namespaceConf. fixed` is marked, it may lead to the leakage of sensitive information in the system. As of time of publication, it is unclear whether any patches or workarounds exist."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T20:33:40.959Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp"
},
{
"name": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50"
},
{
"name": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306"
}
],
"source": {
"advisory": "GHSA-hv2g-gxx4-fwxp",
"discovery": "UNKNOWN"
},
"title": "Laf env causes sensitive information disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48225",
"datePublished": "2023-12-12T20:33:40.959Z",
"dateReserved": "2023-11-13T13:25:18.480Z",
"dateUpdated": "2024-08-02T21:23:39.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…