CVE-2023-7079 (GCVE-0-2023-7079)
Vulnerability from cvelistv5
Published
2023-12-29 11:54
Modified
2024-08-02 08:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cloudflare | wrangler |
Version: 0 Version: 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:50:07.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-cfph-4qqh-w828"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cloudflare/workers-sdk/pull/4532"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cloudflare/workers-sdk/pull/4535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "wrangler",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "wrangler",
"repo": "https://github.com/cloudflare/workers-sdk",
"vendor": "Cloudflare",
"versions": [
{
"changes": [
{
"at": "3.19.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.9.0",
"status": "affected",
"version": "0",
"versionType": "patch"
},
{
"changes": [
{
"at": "3.19.0",
"status": "unaffected"
}
],
"lessThan": "3.19.0",
"status": "affected",
"version": "0",
"versionType": "patch"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": " Peter Wu (Lekensteyn)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sending specially crafted HTTP requests and inspector messages to Wrangler\u0027s dev server could result in any file on the user\u0027s computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.\u003cbr\u003e"
}
],
"value": "Sending specially crafted HTTP requests and inspector messages to Wrangler\u0027s dev server could result in any file on the user\u0027s computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T12:08:49.883Z",
"orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"shortName": "cloudflare"
},
"references": [
{
"url": "https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-cfph-4qqh-w828"
},
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4532"
},
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4535"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Arbitrary remote file read in Wrangler dev server",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eConfigure Wrangler to listen on local interfaces instead with \u003ccode\u003e\u003cb\u003ewrangler dev --ip 127.0.0.1\u003c/b\u003e\u003c/code\u003e. This is the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-f8mp-x433-5wpf\"\u003edefault as of \u003ccode\u003ewrangler@3.16.0\u003c/code\u003e\u003c/a\u003e, and removes the local network as an attack vector, but does not prevent an attack from visiting a malicious website.\u003c/p\u003e"
}
],
"value": "Configure Wrangler to listen on local interfaces instead with wrangler dev --ip 127.0.0.1. This is the default as of wrangler@3.16.0 https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-f8mp-x433-5wpf , and removes the local network as an attack vector, but does not prevent an attack from visiting a malicious website.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
"assignerShortName": "cloudflare",
"cveId": "CVE-2023-7079",
"datePublished": "2023-12-29T11:54:08.925Z",
"dateReserved": "2023-12-22T09:59:49.428Z",
"dateUpdated": "2024-08-02T08:50:07.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…