An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.
References
| Link | Resource |
|---|---|
| https://docs.divvycloud.com/changelog/23321-release-notes | Release Notes |
| https://nephosec.com/exploiting-rapid7s-insightcloudsec/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 04:03
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec. |
28 Mar 2023, 16:54
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
| CWE | NVD-CWE-Other | |
| References | (MISC) https://docs.divvycloud.com/changelog/23321-release-notes - Release Notes | |
| References | (MISC) https://nephosec.com/exploiting-rapid7s-insightcloudsec/ - Exploit, Third Party Advisory | |
| First Time |
Rapid7 insightappsec
Rapid7 insightcloudsec Rapid7 |
|
| CPE | cpe:2.3:a:rapid7:insightcloudsec:*:*:*:*:managed:*:*:* cpe:2.3:a:rapid7:insightappsec:*:*:*:*:self-managed:*:*:* cpe:2.3:a:rapid7:insightcloudsec:*:*:*:*:saas:*:*:* |
21 Mar 2023, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-03-21 17:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-1305
Mitre link : CVE-2023-1305
CVE.ORG link : CVE-2023-1305
JSON object : View
Products Affected
rapid7
- insightappsec
- insightcloudsec
CWE