CVE-2023-47112

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and groups for any project, without the necessary authorization checks. The output of these endpoints only exposes the name of job groups and the jobs contained within the specified project. The output is read-only and the access does not allow changes to the information. This vulnerability has been patched in version 4.17.3. Users are advised to upgrade. Users unable to upgrade may block access to the two URLs used in either Rundeck Open Source or Process Automation products at a load balancer level.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/rundeck/rundeck/security/advisories/GHSA-xvmv-4rx6-x6jx	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:pagerduty:rundeck:*:*:*:*:*:*:*:*

History

25 Nov 2023, 02:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.3
First Time		Pagerduty Pagerduty rundeck
CPE		cpe:2.3:a:pagerduty:rundeck::::::::
References	~~() https://github.com/rundeck/rundeck/security/advisories/GHSA-xvmv-4rx6-x6jx -~~	() https://github.com/rundeck/rundeck/security/advisories/GHSA-xvmv-4rx6-x6jx - Vendor Advisory

16 Nov 2023, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-11-16 22:15

Updated : 2023-12-10 15:26

NVD link : CVE-2023-47112

Mitre link : CVE-2023-47112

CVE.ORG link : CVE-2023-47112

JSON object : View

Products Affected

pagerduty

rundeck

CWE

CWE-862

Missing Authorization

{"id": "CVE-2023-47112", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2023-11-16T22:15:28.157", "references": [{"url": "https://github.com/rundeck/rundeck/security/advisories/GHSA-xvmv-4rx6-x6jx", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and groups for any project, without the necessary authorization checks. The output of these endpoints only exposes the name of job groups and the jobs contained within the specified project. The output is read-only and the access does not allow changes to the information. This vulnerability has been patched in version 4.17.3. Users are advised to upgrade. Users unable to upgrade may block access to the two URLs used in either Rundeck Open Source or Process Automation products at a load balancer level."}, {"lang": "es", "value": "Rundeck es un servicio de automatizaci\u00f3n de c\u00f3digo abierto con una consola web, herramientas de l\u00ednea de comandos y una WebAPI. En las versiones afectadas, el acceso a dos URL utilizadas en los productos Rundeck Open Source y Process Automation podr\u00eda permitir a los usuarios autenticados acceder a la ruta URL, que proporciona una lista de nombres de trabajos y grupos para cualquier proyecto, sin las comprobaciones de autorizaci\u00f3n necesarias. La salida de estos endpoints solo expone el nombre de los grupos de trabajos y los trabajos contenidos dentro del proyecto especificado. La salida es de s\u00f3lo lectura y el acceso no permite cambios en la informaci\u00f3n. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 4.17.3. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar pueden bloquear el acceso a las dos URL utilizadas en los productos Rundeck Open Source o Process Automation a nivel de balanceador de carga."}], "lastModified": "2023-11-25T02:16:54.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pagerduty:rundeck:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "716626F7-3AD7-434A-AF44-5B937712AB85", "versionEndExcluding": "4.17.3", "versionStartIncluding": "4.17.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}