cvelistv5 - CVE-2023-37582

CVE-2023-37582 (GCVE-0-2023-37582)

Vulnerability from cvelistv5 – Published: 2023-07-12 09:26 – Updated: 2025-04-23 16:20

Summary

The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.

Severity ?

No CVSS data available.

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

apache

References

URL

Tags

	https://lists.apache.org/thread/m614czxtpvlztd7mf…	vendor-advisory
	http://www.openwall.com/lists/oss-security/2023/07/12/1

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache RocketMQ	Affected: 5.0.0 , ≤ 5.1.1 (maven) Affected: 0 , ≤ 4.9.6 (maven)

Credits

soreatu@gmail.com yuansec@outlook.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:16:30.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-37582",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:27:22.203941Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T16:20:32.805Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache RocketMQ",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "5.1.1",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "4.9.6",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "soreatu@gmail.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "yuansec@outlook.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \u003cbr\u003e\u003cbr\u003eWhen NameServer address \u003c/span\u003eare leaked on the extranet and lack permission verification, a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003en attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \u003cbr\u003e\u003cbr\u003eIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-12T09:30:10.439Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
        }
      ],
      "source": {
        "defect": [
          "https://github.com/apache/rocketmq/pull/6843"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Apache RocketMQ: Possible remote code execution when using the update configuration function",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-37582",
    "datePublished": "2023-07-12T09:26:18.652Z",
    "dateReserved": "2023-07-09T11:28:58.413Z",
    "dateUpdated": "2025-04-23T16:20:32.805Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.9.6\", \"matchCriteriaId\": \"B55D62B2-8FCD-4522-A3AE-8DDDA449BFC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0.0\", \"versionEndIncluding\": \"5.1.1\", \"matchCriteriaId\": \"5944A57F-AC51-4AF2-8775-5B8FAD76CF33\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \\n\\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \\n\\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\\n\"}]",
      "id": "CVE-2023-37582",
      "lastModified": "2024-11-21T08:12:00.090",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-07-12T10:15:11.197",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/12/1\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/12/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-37582\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2023-07-12T10:15:11.197\",\"lastModified\":\"2025-04-23T17:16:33.997\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \\n\\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \\n\\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.9.6\",\"matchCriteriaId\":\"B55D62B2-8FCD-4522-A3AE-8DDDA449BFC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndIncluding\":\"5.1.1\",\"matchCriteriaId\":\"5944A57F-AC51-4AF2-8775-5B8FAD76CF33\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/07/12/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/07/12/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/12/1\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T17:16:30.839Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-37582\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:27:22.203941Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T14:33:57.369Z\"}}], \"cna\": {\"title\": \"Apache RocketMQ: Possible remote code execution when using the update configuration function\", \"source\": {\"defect\": [\"https://github.com/apache/rocketmq/pull/6843\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"soreatu@gmail.com\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"yuansec@outlook.com\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache RocketMQ\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.0\", \"versionType\": \"maven\", \"lessThanOrEqual\": \"5.1.1\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"maven\", \"lessThanOrEqual\": \"4.9.6\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/12/1\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \\n\\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \\n\\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eThe RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \u003cbr\u003e\u003cbr\u003eWhen NameServer address \u003c/span\u003eare leaked on the extranet and lack permission verification, a\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003en attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \u003cbr\u003e\u003cbr\u003eIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2023-07-12T09:30:10.439Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-37582\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T16:20:32.805Z\", \"dateReserved\": \"2023-07-09T11:28:58.413Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2023-07-12T09:26:18.652Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CNVD-2023-70283

Vulnerability from cnvd - Published: 2023-09-21

Title

Apache RocketMQ代码注入漏洞

Description

Apache RocketMQ是美国阿帕奇（Apache）基金会的一款轻量级的数据处理平台和消息传递引擎。 Apache RocketMQ存在代码注入漏洞，该漏洞源于NameServer地址在外网泄露且缺乏权限验证，攻击者可利用该漏洞导致NameServer组件存在远程命令执行。

Severity

高

Patch Name

Apache RocketMQ代码注入漏洞的补丁

Patch Description

Apache RocketMQ是美国阿帕奇（Apache）基金会的一款轻量级的数据处理平台和消息传递引擎。 Apache RocketMQ存在代码注入漏洞，该漏洞源于NameServer地址在外网泄露且缺乏权限验证，攻击者可利用该漏洞导致NameServer组件存在远程命令执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc

Reference

https://nvd.nist.gov/vuln/detail/CVE-2023-37582

Impacted products

Name
['Apache RocketMQ >=5.0.0，<=5.1.1', 'Apache RocketMQ <=4.9.6']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-37582",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-37582"
    }
  },
  "description": "Apache RocketMQ\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u6570\u636e\u5904\u7406\u5e73\u53f0\u548c\u6d88\u606f\u4f20\u9012\u5f15\u64ce\u3002\n\nApache RocketMQ\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eNameServer\u5730\u5740\u5728\u5916\u7f51\u6cc4\u9732\u4e14\u7f3a\u4e4f\u6743\u9650\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4NameServer\u7ec4\u4ef6\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-70283",
  "openTime": "2023-09-21",
  "patchDescription": "Apache RocketMQ\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u6570\u636e\u5904\u7406\u5e73\u53f0\u548c\u6d88\u606f\u4f20\u9012\u5f15\u64ce\u3002\r\n\r\nApache RocketMQ\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eNameServer\u5730\u5740\u5728\u5916\u7f51\u6cc4\u9732\u4e14\u7f3a\u4e4f\u6743\u9650\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4NameServer\u7ec4\u4ef6\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache RocketMQ\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apache RocketMQ \u003e=5.0.0\uff0c\u003c=5.1.1",
      "Apache RocketMQ \u003c=4.9.6"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-37582",
  "serverity": "\u9ad8",
  "submitTime": "2023-07-14",
  "title": "Apache RocketMQ\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e"
}

GSD-2023-37582

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-37582

Aliases

CVE-2023-37582

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-37582",
    "id": "GSD-2023-37582"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-37582"
      ],
      "details": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n",
      "id": "GSD-2023-37582",
      "modified": "2023-12-13T01:20:24.845591Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2023-37582",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache RocketMQ",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "5.0.0",
                          "version_value": "5.1.1"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "4.9.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "soreatu@gmail.com"
        },
        {
          "lang": "en",
          "value": "yuansec@outlook.com "
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-94",
                "lang": "eng",
                "value": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2023/07/12/1",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
          }
        ]
      },
      "source": {
        "defect": [
          "https://github.com/apache/rocketmq/pull/6843"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,4.9.6],[5.0.0,5.1.1]",
          "affected_versions": "All versions up to 4.9.6, all versions starting from 5.0.0 up to 5.1.1",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937",
            "CWE-94"
          ],
          "date": "2023-07-20",
          "description": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n",
          "fixed_versions": [
            "4.9.7",
            "5.1.2"
          ],
          "identifier": "CVE-2023-37582",
          "identifiers": [
            "CVE-2023-37582"
          ],
          "not_impacted": "All versions after 4.9.6 before 5.0.0, all versions after 5.1.1",
          "package_slug": "maven/org.apache.rocketmq/rocketmq-broker",
          "pubdate": "2023-07-12",
          "solution": "Upgrade to versions 4.9.7, 5.1.2 or above.",
          "title": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2023-37582",
            "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc",
            "http://www.openwall.com/lists/oss-security/2023/07/12/1"
          ],
          "uuid": "751f4fb6-6e0f-4ed0-aea3-ac3e2673c0cc"
        },
        {
          "affected_range": "(,4.9.6],[5.0.0,5.1.1]",
          "affected_versions": "All versions up to 4.9.6, all versions starting from 5.0.0 up to 5.1.1",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937",
            "CWE-94"
          ],
          "date": "2023-07-20",
          "description": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n",
          "fixed_versions": [
            "4.9.7",
            "5.1.2"
          ],
          "identifier": "CVE-2023-37582",
          "identifiers": [
            "CVE-2023-37582"
          ],
          "not_impacted": "All versions after 4.9.6 before 5.0.0, all versions after 5.1.1",
          "package_slug": "maven/org.apache.rocketmq/rocketmq-client",
          "pubdate": "2023-07-12",
          "solution": "Upgrade to versions 4.9.7, 5.1.2 or above.",
          "title": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2023-37582",
            "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc",
            "http://www.openwall.com/lists/oss-security/2023/07/12/1"
          ],
          "uuid": "5016f110-566d-4645-bbcb-3d9261d88d9e"
        },
        {
          "affected_range": "(,4.9.6],[5.0.0,5.1.1]",
          "affected_versions": "All versions up to 4.9.6, all versions starting from 5.0.0 up to 5.1.1",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937",
            "CWE-94"
          ],
          "date": "2023-07-20",
          "description": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n",
          "fixed_versions": [
            "4.9.7",
            "5.1.2"
          ],
          "identifier": "CVE-2023-37582",
          "identifiers": [
            "CVE-2023-37582"
          ],
          "not_impacted": "All versions after 4.9.6 before 5.0.0, all versions after 5.1.1",
          "package_slug": "maven/org.apache.rocketmq/rocketmq-namesrv",
          "pubdate": "2023-07-12",
          "solution": "Upgrade to versions 4.9.7, 5.1.2 or above.",
          "title": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2023-37582",
            "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc",
            "https://github.com/apache/rocketmq/pull/6843",
            "http://www.openwall.com/lists/oss-security/2023/07/12/1"
          ],
          "uuid": "f7d97cfe-da4c-485e-84df-fb357faf7642"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.9.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.1.1",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2023-37582"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2023/07/12/1",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-07-20T02:11Z",
      "publishedDate": "2023-07-12T10:15Z"
    }
  }
}

FKIE_CVE-2023-37582

Vulnerability from fkie_nvd - Published: 2023-07-12 10:15 - Updated: 2025-04-23 17:16

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@apache.org	http://www.openwall.com/lists/oss-security/2023/07/12/1	Mailing List, Patch, Third Party Advisory
security@apache.org	https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/07/12/1	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc	Mailing List, Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	apache	rocketmq	*
	apache	rocketmq	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55D62B2-8FCD-4522-A3AE-8DDDA449BFC9",
              "versionEndIncluding": "4.9.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:rocketmq:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5944A57F-AC51-4AF2-8775-5B8FAD76CF33",
              "versionEndIncluding": "5.1.1",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks."
    }
  ],
  "id": "CVE-2023-37582",
  "lastModified": "2025-04-23T17:16:33.997",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-07-12T10:15:11.197",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "security@apache.org",
      "type": "Primary"
    }
  ]
}

GHSA-GPQ8-963W-8QC9

Vulnerability from github – Published: 2023-07-12 12:31 – Updated: 2025-02-13 19:00

Summary

RocketMQ NameServer component Code Injection vulnerability

Details

The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1.

When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as.

It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.rocketmq:rocketmq-namesrv"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.9.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.rocketmq:rocketmq-namesrv"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-37582"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-12T17:30:39Z",
    "nvd_published_at": "2023-07-12T10:15:11Z",
    "severity": "CRITICAL"
  },
  "details": "The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.",
  "id": "GHSA-gpq8-963w-8qc9",
  "modified": "2025-02-13T19:00:52Z",
  "published": "2023-07-12T12:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37582"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/rocketmq"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/m614czxtpvlztd7mfgcs2xcsg36rdbnc"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/07/12/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "RocketMQ NameServer component Code Injection vulnerability"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-37582 (GCVE-0-2023-37582)

CNVD-2023-70283

GSD-2023-37582

FKIE_CVE-2023-37582

GHSA-GPQ8-963W-8QC9

Tags

Sightings

Nomenclature