Vulnerability-Lookup

CNVD-2023-25929

Vulnerability from cnvd - Published: 2023-04-12

Title

Apache Fineract服务器请求伪造漏洞

Description

Apache Fineract是一个开源的系统，用于核心银行系统平台化建设。为创业者、金融机构和服务提供商提供了一个可靠、健壮的、可负担得起的金融服务解决方案。 Apache Fineract 1.4到1.8.3版本存在服务端请求伪造漏洞，攻击者可以利用该漏洞探测内网信息，攻击内网应用。

Severity

高

Patch Name

Apache Fineract服务器请求伪造漏洞的补丁

Patch Description

Apache Fineract是一个开源的系统，用于核心银行系统平台化建设。为创业者、金融机构和服务提供商提供了一个可靠、健壮的、可负担得起的金融服务解决方案。 Apache Fineract 1.4到1.8.3版本存在服务端请求伪造漏洞，攻击者可以利用该漏洞探测内网信息，攻击内网应用。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载: https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6

Reference

https://nvd.nist.gov/vuln/detail/CVE-2023-25195

Impacted products

Name
Apache Apache Fineract >=1.4.0，<=1.8.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-25195",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-25195"
    }
  },
  "description": "Apache Fineract\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u7cfb\u7edf\uff0c\u7528\u4e8e\u6838\u5fc3\u94f6\u884c\u7cfb\u7edf\u5e73\u53f0\u5316\u5efa\u8bbe\u3002\u4e3a\u521b\u4e1a\u8005\u3001\u91d1\u878d\u673a\u6784\u548c\u670d\u52a1\u63d0\u4f9b\u5546\u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u9760\u3001\u5065\u58ee\u7684\u3001\u53ef\u8d1f\u62c5\u5f97\u8d77\u7684\u91d1\u878d\u670d\u52a1\u89e3\u51b3\u65b9\u6848\u3002\n\nApache Fineract 1.4\u52301.8.3\u7248\u672c\u5b58\u5728\u670d\u52a1\u7aef\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u63a2\u6d4b\u5185\u7f51\u4fe1\u606f\uff0c\u653b\u51fb\u5185\u7f51\u5e94\u7528\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d:\r\nhttps://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-25929",
  "openTime": "2023-04-12",
  "patchDescription": "Apache Fineract\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u7cfb\u7edf\uff0c\u7528\u4e8e\u6838\u5fc3\u94f6\u884c\u7cfb\u7edf\u5e73\u53f0\u5316\u5efa\u8bbe\u3002\u4e3a\u521b\u4e1a\u8005\u3001\u91d1\u878d\u673a\u6784\u548c\u670d\u52a1\u63d0\u4f9b\u5546\u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u9760\u3001\u5065\u58ee\u7684\u3001\u53ef\u8d1f\u62c5\u5f97\u8d77\u7684\u91d1\u878d\u670d\u52a1\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nApache Fineract 1.4\u52301.8.3\u7248\u672c\u5b58\u5728\u670d\u52a1\u7aef\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u63a2\u6d4b\u5185\u7f51\u4fe1\u606f\uff0c\u653b\u51fb\u5185\u7f51\u5e94\u7528\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Fineract\u670d\u52a1\u5668\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Apache Fineract \u003e=1.4.0\uff0c\u003c=1.8.3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-25195",
  "serverity": "\u9ad8",
  "submitTime": "2023-03-30",
  "title": "Apache Fineract\u670d\u52a1\u5668\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

CVE-2023-25195 (GCVE-0-2023-25195)

Vulnerability from cvelistv5 – Published: 2023-03-28 11:16 – Updated: 2024-10-23 15:16

Title

Apache Fineract: SSRF template type vulnerability in certain authenticated users

Summary

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 through 1.8.3.

Severity ?

No CVSS data available.

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Assigner

apache

References

URL

Tags

https://lists.apache.org/thread/m58fdjmtkfp9h4c0r…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Fineract	Affected: 1.4 , ≤ 1.8.3 (semver)

Credits

Huydoppa from GHTK Aleksander

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:18:36.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fineract",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "1.8.3",
                "status": "affected",
                "version": "1.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-25195",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T15:15:05.674623Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T15:16:08.717Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Apache Fineract",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "1.8.3",
              "status": "affected",
              "version": "1.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Huydoppa from GHTK "
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Aleksander"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.\u003cbr\u003e\u003cp\u003eAuthorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects Apache Fineract: from 1.4 through 1.8.3.\u003c/p\u003e"
            }
          ],
          "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.\nAuthorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.\u00a0\n\nThis issue affects Apache Fineract: from 1.4 through 1.8.3.\n\n"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-28T11:16:28.304Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Fineract: SSRF template type vulnerability in certain authenticated users",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-25195",
    "datePublished": "2023-03-28T11:16:28.304Z",
    "dateReserved": "2023-02-06T01:32:05.395Z",
    "dateUpdated": "2024-10-23T15:16:08.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2023-25929

CVE-2023-25195 (GCVE-0-2023-25195)

Tags

Sightings

Nomenclature