cve-2023-35853
Vulnerability from cvelistv5
Published
2023-06-19 00:00
Modified
2024-12-11 17:04
Severity ?
Summary
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.
References
cve@mitre.orghttps://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81daPatch, Vendor Advisory
cve@mitre.orghttps://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13Vendor Advisory
cve@mitre.orghttps://www.stamus-networks.com/stamus-labsNot Applicable
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81daPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.stamus-networks.com/stamus-labsNot Applicable
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:30:45.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.stamus-networks.com/stamus-labs"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-35853",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-11T17:00:05.266506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-11T17:04:00.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-19T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13"
        },
        {
          "url": "https://www.stamus-networks.com/stamus-labs"
        },
        {
          "url": "https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-35853",
    "datePublished": "2023-06-19T00:00:00",
    "dateReserved": "2023-06-19T00:00:00",
    "dateUpdated": "2024-12-11T17:04:00.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.0.13\", \"matchCriteriaId\": \"1FDDE2F7-D633-4FBC-8EE1-6145A82AC02F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.\"}, {\"lang\": \"es\", \"value\": \"En Suricata antes de la versi\\u00f3n 6.0.13, un adversario que controle una fuente externa de reglas Lua puede ser capaz de ejecutar c\\u00f3digo Lua. Esto se soluciona en la versi\\u00f3n 6.0.13 deshabilitando Lua a menos que \\\"allow-rules\\\" sea verdadero en la secci\\u00f3n de configuraci\\u00f3n de seguridad de Lua.  \"}]",
      "id": "CVE-2023-35853",
      "lastModified": "2024-12-11T17:15:13.037",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-06-19T04:15:11.287",
      "references": "[{\"url\": \"https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.stamus-networks.com/stamus-labs\", \"source\": \"cve@mitre.org\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.stamus-networks.com/stamus-labs\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-35853\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-06-19T04:15:11.287\",\"lastModified\":\"2024-12-11T17:15:13.037\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.\"},{\"lang\":\"es\",\"value\":\"En Suricata antes de la versi\u00f3n 6.0.13, un adversario que controle una fuente externa de reglas Lua puede ser capaz de ejecutar c\u00f3digo Lua. Esto se soluciona en la versi\u00f3n 6.0.13 deshabilitando Lua a menos que \\\"allow-rules\\\" sea verdadero en la secci\u00f3n de configuraci\u00f3n de seguridad de Lua.  \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.13\",\"matchCriteriaId\":\"1FDDE2F7-D633-4FBC-8EE1-6145A82AC02F\"}]}]}],\"references\":[{\"url\":\"https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.stamus-networks.com/stamus-labs\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.stamus-networks.com/stamus-labs\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.stamus-networks.com/stamus-labs\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:30:45.383Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-35853\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-11T17:00:05.266506Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-11T17:03:52.743Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13\"}, {\"url\": \"https://www.stamus-networks.com/stamus-labs\"}, {\"url\": \"https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-06-19T00:00:00\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-35853\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-11T17:04:00.808Z\", \"dateReserved\": \"2023-06-19T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-06-19T00:00:00\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.