Liferay Portal 7.4.3.48 < 7.4.3.77 REDoS

2023-05-2900:00:00

www.tenable.com

liferay portal

remote attackers

denial of service

0.002 Low

EPSS

Percentile

52.0%

JSON

Pattern Redirects in Liferay Portal and Liferay DXP allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176448);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/06/22");

  script_cve_id("CVE-2023-33950");
  script_xref(name:"IAVA", value:"2023-A-0267-S");

  script_name(english:"Liferay Portal 7.4.3.48 < 7.4.3.77 REDoS");

  script_set_attribute(attribute:"synopsis", value:
"An application running on a remote web server host is affected by a denial of service vulnerability");
  script_set_attribute(attribute:"description", value:
"Pattern Redirects in Liferay Portal and Liferay DXP allows regular expressions that are vulnerable to ReDoS attacks to
be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted 
request URLs.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33950
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?980e259e");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Liferay Portal 7.4.3.77 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-33950");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/29");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:liferay:liferay_portal");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("liferay_detect.nasl");
  script_require_keys("installed_sw/liferay_portal");
  script_require_ports("Services/www", 8080);

  exit(0);
}
include('http.inc');
include('vcf.inc');

var port = get_http_port(default:8080);
var app_info = vcf::get_app_info(app:'liferay_portal', webapp:TRUE, port:port);

var constraints = [ {'min_version': '7.4.3.48' , 'fixed_version': '7.4.3.77'} ];

vcf::check_version_and_report(
  app_info:app_info, 
  constraints:constraints, 
  severity:SECURITY_HOLE
);

VendorProductVersionCPE
liferayliferay_portalcpe:/a:liferay:liferay_portal

Vendor	Product	Version	CPE
liferay	liferay_portal		cpe:/a:liferay:liferay_portal

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33950

www.nessus.org/u?980e259e

0.002 Low

EPSS

Percentile

52.0%

JSON

Related for LIFERAY_7_4_3_77_CVE-2023-33950.NASL