Vulnerability Report

CVE-2023-47636

Title: Pimcore Admin Classic Bundle Injection (SQLi/OSi)

Injection (SQLi/OSi)

Proof Of Concept

No public PoC currently indexed for CVE-2023-47636.

CWE Category CWE-209

Published Date Nov 15, 2023

Modified Date Nov 21, 2024

Exploit Status Not Found

Score 5.3 CVSS v3.1

Exploit Probability (EPSS)

0.00%

Vulnerability Summary

CVE-2023-47636: The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view. In the case of pimcore, the fopen() function here doesn't have an error handle when the file doesn't exist on the server so the server response raises the full path "fopen(/var/www/html/var/tmp/export-{ uniqe id}.csv)". This issue has been patched in commit `10d178ef771` which has been included in release version 1.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Impacted Vendors

pimcore 1

Reference Links

https://github.com/pimcore/admin-ui-classic-bundle/commit/10d178ef771097604a256c1192b098af9ec57a87 https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-c8hj-w239-5gvf https://huntr.com/bounties/4af4db18-9fd4-43e9-8bc6-c88aaf76839c/ https://github.com/pimcore/admin-ui-classic-bundle/commit/10d178ef771097604a256c1192b098af9ec57a87 https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-c8hj-w239-5gvf https://huntr.com/bounties/4af4db18-9fd4-43e9-8bc6-c88aaf76839c/

CVSS v3.1

Source Entity [email protected]

Severity MEDIUM

5.3

Attack Vector

NETWORK

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v3.1

Source Entity [email protected]

Severity MEDIUM

5.3

Attack Vector

NETWORK

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2023-47636 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

November 21, 2024 MODIFIED

Vulnerability data or affected products updated.

November 15, 2023 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK

Complexity LOW

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Stack

No specific products linked.