fkie_cve-2023-35853
Vulnerability from fkie_nvd
Published
2023-06-19 04:15
Modified
2024-12-11 17:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.
References
cve@mitre.orghttps://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81daPatch, Vendor Advisory
cve@mitre.orghttps://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13Vendor Advisory
cve@mitre.orghttps://www.stamus-networks.com/stamus-labsNot Applicable
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81daPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.stamus-networks.com/stamus-labsNot Applicable
Impacted products
Vendor Product Version
oisf suricata *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDDE2F7-D633-4FBC-8EE1-6145A82AC02F",
              "versionEndExcluding": "6.0.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section."
    },
    {
      "lang": "es",
      "value": "En Suricata antes de la versi\u00f3n 6.0.13, un adversario que controle una fuente externa de reglas Lua puede ser capaz de ejecutar c\u00f3digo Lua. Esto se soluciona en la versi\u00f3n 6.0.13 deshabilitando Lua a menos que \"allow-rules\" sea verdadero en la secci\u00f3n de configuraci\u00f3n de seguridad de Lua.  "
    }
  ],
  "id": "CVE-2023-35853",
  "lastModified": "2024-12-11T17:15:13.037",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-19T04:15:11.287",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.stamus-networks.com/stamus-labs"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.stamus-networks.com/stamus-labs"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.