ID

VAR-202310-0478

CVE

CVE-2023-25753

TITLE

Server-side request forgery vulnerability in Apache Software Foundation's ShenYu

Trust: 0.8

sources: JVNDB: JVNDB-2023-015478

DESCRIPTION

There exists an SSRF (Server-Side Request Forgery) vulnerability located at the /sandbox/proxyGateway endpoint. This vulnerability allows us to manipulate arbitrary requests and retrieve corresponding responses by inputting any URL into the requestUrl parameter. Of particular concern is our ability to exert control over the HTTP method, cookies, IP address, and headers. This effectively grants us the capability to dispatch complete HTTP requests to hosts of our choosing. This issue affects Apache ShenYu: 2.5.1. Upgrade to Apache ShenYu 2.6.0 or apply patch https://github.com/apache/shenyu/pull/4776

Trust: 1.71

sources: NVD: CVE-2023-25753 // JVNDB: JVNDB-2023-015478 // VULMON: CVE-2023-25753

AFFECTED PRODUCTS

vendor: apache  model: shenyu  scope: eq  version: 2.5.1

Trust: 1.8

vendor: apache  model: shenyu  scope: eq  version: -

Trust: 0.8

vendor: apache  model: shenyu  scope: -  version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-015478 // NVD: CVE-2023-25753

CVSS

SEVERITY

nvd@nist.gov: CVE-2023-25753
value: MEDIUM

Trust: 1.0

NVD: CVE-2023-25753
value: MEDIUM

Trust: 0.8

CVSSV3

nvd@nist.gov: CVE-2023-25753
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.5
version: 3.1

Trust: 1.0

NVD: CVE-2023-25753
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-015478 // NVD: CVE-2023-25753

PROBLEMTYPE DATA

problemtype: CWE-918

Trust: 1.0

problemtype: Server-side request forgery (CWE-918) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2023-015478 // NVD: CVE-2023-25753

EXTERNAL IDS

db: NVD  id: CVE-2023-25753

Trust: 2.7

db: JVNDB  id: JVNDB-2023-015478

Trust: 0.8

db: VULMON  id: CVE-2023-25753

Trust: 0.1

sources: VULMON: CVE-2023-25753 // JVNDB: JVNDB-2023-015478 // NVD: CVE-2023-25753

REFERENCES

url: https://lists.apache.org/thread/chprswxvb22z35vnoxv9tt3zknsm977d

Trust: 1.9

url: https://nvd.nist.gov/vuln/detail/cve-2023-25753

Trust: 0.8

url: https://cwe.mitre.org/data/definitions/918.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-25753 // JVNDB: JVNDB-2023-015478 // NVD: CVE-2023-25753

SOURCES

db: VULMON  id: CVE-2023-25753
db: JVNDB  id: JVNDB-2023-015478
db: NVD  id: CVE-2023-25753

LAST UPDATE DATE

2024-08-14T15:26:23.679000+00:00

SOURCES UPDATE DATE

db: VULMON  id: CVE-2023-25753  date: 2023-10-19T00:00:00
db: JVNDB  id: JVNDB-2023-015478  date: 2023-12-27T06:41:00
db: NVD  id: CVE-2023-25753  date: 2023-10-25T17:20:20.830

SOURCES RELEASE DATE

db: VULMON  id: CVE-2023-25753  date: 2023-10-19T00:00:00
db: JVNDB  id: JVNDB-2023-015478  date: 2023-12-27T00:00:00
db: NVD  id: CVE-2023-25753  date: 2023-10-19T09:15:08.480