CVE-2023-37279

Faktory is a language-agnostic persistent background job server. Prior to version 1.8.0, the Faktory web dashboard can suffer from denial of service by a crafted malicious url query param `days`. The vulnerability is related to how the backend reads the `days` URL query parameter in the Faktory web dashboard. The value is used directly without any checks to create a string slice. If a very large value is provided, the backend server ends up using a significant amount of memory and causing it to crash. Version 1.8.0 fixes this issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/contribsys/faktory/security/advisories/GHSA-x4hh-vjm7-g2jv	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:contribsys:faktory:*:*:*:*:*:go:*:*

History

25 Sep 2023, 14:08

Type	Values Removed	Values Added
CPE		cpe:2.3:a:contribsys:faktory::::::go::*
First Time		Contribsys faktory Contribsys
References	~~(MISC) https://github.com/contribsys/faktory/security/advisories/GHSA-x4hh-vjm7-g2jv -~~	(MISC) https://github.com/contribsys/faktory/security/advisories/GHSA-x4hh-vjm7-g2jv - Exploit, Vendor Advisory
CWE	~~CWE-789~~
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

20 Sep 2023, 22:23

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-09-20 22:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-37279

Mitre link : CVE-2023-37279

CVE.ORG link : CVE-2023-37279

JSON object : View

Products Affected

contribsys

faktory

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-789

Memory Allocation with Excessive Size Value

{"id": "CVE-2023-37279", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-09-20T22:15:13.093", "references": [{"url": "https://github.com/contribsys/faktory/security/advisories/GHSA-x4hh-vjm7-g2jv", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-770"}, {"lang": "en", "value": "CWE-789"}]}], "descriptions": [{"lang": "en", "value": "Faktory is a language-agnostic persistent background job server. Prior to version 1.8.0, the Faktory web dashboard can suffer from denial of service by a crafted malicious url query param `days`. The vulnerability is related to how the backend reads the `days` URL query parameter in the Faktory web dashboard. The value is used directly without any checks to create a string slice. If a very large value is provided, the backend server ends up using a significant amount of memory and causing it to crash. Version 1.8.0 fixes this issue."}, {"lang": "es", "value": "Faktory es un servidor de trabajos en segundo plano persistente e independiente del idioma. Antes de la versi\u00f3n 1.8.0, el panel web de Faktory pod\u00eda sufrir una Denegaci\u00f3n de Servicio debido a un par\u00e1metro de consulta de URL malicioso manipulado `days`. La vulnerabilidad est\u00e1 relacionada con la forma en que el backend lee el par\u00e1metro de consulta de URL `days` en el panel web de Faktory. El valor se usa directamente sin ninguna verificaci\u00f3n para crear un segmento de cadena. Si se proporciona un valor muy grande, el servidor backend termina usando una cantidad significativa de memoria y provocando que falle. La versi\u00f3n 1.8.0 soluciona este problema."}], "lastModified": "2023-09-25T14:08:26.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:contribsys:faktory:*:*:*:*:*:go:*:*", "vulnerable": true, "matchCriteriaId": "CB5CDDB1-B61E-426C-8DD1-FE02A1558A41", "versionEndExcluding": "1.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}