GSD-2023-46595

Vulnerability from gsd - Updated: 2023-12-13 01:20
Details
Net-NTLM leak via stored HTML injection in FireFlow's VisualFlow workflow editor using Name and Description field. It also impacts  FireFlow's VisualFlow workflow editor outbound actions using Name and Category parameter. Fixed in version A32.20 (b570 and above),  A32.50 (b400 and above),  A32.60 (b220 and above)
Aliases
Aliases
CVE-2023-46595
To clipboard 

{
  "GSD": {
    "alias": "CVE-2023-46595",
    "id": "GSD-2023-46595"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-46595"
      ],
      "details": "Net-NTLM leak via stored HTML injection in FireFlow\u0027s VisualFlow workflow editor using Name and Description field. It also impacts\u00a0\n\nFireFlow\u0027s VisualFlow workflow editor\n\n outbound actions using Name and Category parameter. Fixed in version A32.20 (b570 and above),\u00a0\n\nA32.50 (b400 and above),\u00a0\n\nA32.60 (b220 and above)\n\n",
      "id": "GSD-2023-46595",
      "modified": "2023-12-13T01:20:52.861838Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security.vulnerabilities@algosec.com",
        "ID": "CVE-2023-46595",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Algosec FireFlow",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "A32.20, A32.50"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Algosec"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Micha\u0142 Bogdanowicz from Nordea Bank ABP (https://www.linkedin.com/in/micha%C5%82-bogdanowicz-603267a8/)"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor\u00a0allows an attacker\u00a0to obtain victim\u2019s domain credentials and Net-NTLM hash which can lead\u00a0to relay domain attacks. Fixed in\u00a0A32.20 (b570 or above),  A32.50 (b390 or above)\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-79",
                "lang": "eng",
                "value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cwe.mitre.org/data/definitions/79.html",
            "refsource": "MISC",
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade ASMS suite to\u0026nbsp;A32.20 (b570 or above),\u0026nbsp; A32.50 (b390 or above)\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.algosec.com/en/downloads/hotfix_releases\"\u003ehttps://portal.algosec.com/en/downloads/hotfix_releases\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "Upgrade ASMS suite to\u00a0A32.20 (b570 or above),\u00a0 A32.50 (b390 or above)\n https://portal.algosec.com/en/downloads/hotfix_releases https://portal.algosec.com/en/downloads/hotfix_releases \n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:algosec:fireflow:a32.20:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5F57DA17-E133-43D9-AC12-60CBD0FBC253",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:algosec:fireflow:a32.50:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E3144E50-DB4B-4342-8147-7604003EC8D7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:algosec:fireflow:a32.60:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8DF7FEFC-C3D7-490D-BE7C-1FE5EBB3B7F2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor\u00a0allows an attacker\u00a0to obtain victim\u2019s domain credentials and Net-NTLM hash which can lead\u00a0to relay domain attacks. Fixed in\u00a0A32.20 (b570 or above),  A32.50 (b390 or above)\n\n"
          },
          {
            "lang": "es",
            "value": "La fuga de Net-NTLM en Fireflow A32.20 y A32.50 permite a un atacante obtener las credenciales de dominio de la v\u00edctima y el hash Net-NTLM, lo que puede provocar ataques de dominio de retransmisi\u00f3n."
          }
        ],
        "id": "CVE-2023-46595",
        "lastModified": "2024-02-15T06:15:45.310",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.3,
              "impactScore": 2.7,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "exploitabilityScore": 0.4,
              "impactScore": 5.5,
              "source": "security.vulnerabilities@algosec.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-11-02T08:15:08.040",
        "references": [
          {
            "source": "security.vulnerabilities@algosec.com",
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          }
        ],
        "sourceIdentifier": "security.vulnerabilities@algosec.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-79"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-79"
              }
            ],
            "source": "security.vulnerabilities@algosec.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.