In Liferay Portal the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don’t control. The portal property ‘company.security.strangers.verify’ should be set to true.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(176409);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/06/22");
script_cve_id("CVE-2023-33949");
script_xref(name:"IAVA", value:"2023-A-0267-S");
script_name(english:"Liferay Portal 7.0.0 <= 7.0.6 / 7.1.0 <= 7.1.3 / 7.2.0 <= 7.2.1 / 7.3.0 < 7.3.1 Insufficient Verification");
script_set_attribute(attribute:"synopsis", value:
"An application running on a remote web server host is affected by an insufficient verification vulnerability.");
script_set_attribute(attribute:"description", value:
"In Liferay Portal the default configuration does not require users to verify their email address, which allows remote
attackers to create accounts using fake email addresses or email addresses which they don't control. The portal
property 'company.security.strangers.verify' should be set to true.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949?_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_assetEntryId=121810730&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_assetEntryId%3D121810730%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?96852cb3");
script_set_attribute(attribute:"solution", value:
"Upgrade to Liferay Portal 7.3.1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-33949");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/24");
script_set_attribute(attribute:"patch_publication_date", value:"2023/05/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/26");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:liferay:liferay_portal");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("liferay_detect.nasl");
script_require_keys("installed_sw/liferay_portal");
script_require_ports("Services/www", 8080);
exit(0);
}
include('http.inc');
include('vcf.inc');
var port = get_http_port(default:8080);
var app_info = vcf::get_app_info(app:'liferay_portal', webapp:TRUE, port:port);
var constraints = [
{ 'min_version':'7.0.0', 'max_version':'7.0.6', 'fixed_display':'7.3.1' },
{ 'min_version':'7.1.0', 'max_version':'7.1.3', 'fixed_display':'7.3.1' },
{ 'min_version':'7.2.0', 'max_version':'7.2.1', 'fixed_display':'7.3.1' },
{ 'min_version':'7.3.0', 'fixed_version':'7.3.1' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Vendor | Product | Version | CPE |
---|---|---|---|
liferay | liferay_portal | cpe:/a:liferay:liferay_portal |