Lucene search

[email protected]CVE-2023-35852

HistoryJun 19, 2023 - 4:15 a.m.

CVE-2023-35852

2023-06-1904:15:11

CWE-22

[email protected]

web.nvd.nist.gov

120

suricata

cve-2023-35852

security

directory traversal

filesystem write access

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.3%

JSON

In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation.

Affected configurations

NVD

Node

oisfsuricataRange<6.0.13

CPENameOperatorVersion
oisf:suricataoisf suricatalt6.0.13

CPE	Name	Operator	Version
oisf:suricata	oisf suricata	lt	6.0.13

References

github.com/OISF/suricata/commit/735f5aa9ca3b28cfacc7a443f93a44387fbacf17

github.com/OISF/suricata/commit/aee1523b4591430ebed1ded0bb95508e6717a335

github.com/OISF/suricata/compare/suricata-6.0.12...suricata-6.0.13

www.stamus-networks.com/stamus-labs

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.3%

JSON

Related for CVE-2023-35852

prion1 cvelist1 nvd1 veracode1 alpinelinux1 debiancve1 osv1 ubuntucve1 rosalinux2 photon2