CVE-2023-39523

ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process, as it allows appending malicious commands in the `docker_reference` parameter. In the function `scanpipe/pipes/fetch.py:fetch_docker_image` the parameter `docker_reference` is user controllable. The `docker_reference` variable is then passed to the vulnerable function `get_docker_image_platform`. The `get_docker_image_platform` function constructs a shell command with the passed `docker_reference`. The `n_command` then executes the shell command without any prior sanitization, making the function vulnerable to command injection. A malicious user who is able to create or add inputs to a project can inject commands. The vulnerability appears, for example, if a malicious user adds a semicolon after the `docker://` input; this would allow appending malicious commands. Although the command injections are blind and the user will not receive direct feedback without logs, it is still possible to cause damage to the server/container. Version 32.5.1 contains a patch for this issue. The `docker_reference` input should be sanitized to avoid command injections and, as a workaround, one may avoid creating commands with user controlled input directly.

CVE-2023-39474

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server. The specific flaw exists within the downloadLaunchClientJar function. The issue results from the lack of validating a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user.

01/20/23 – ZDI reported the vulnerability to the vendor.
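The following is an added example, not ScanCode.io's own code: the function names, the allow-list regular expression and the `skopeo inspect --raw` invocation are assumptions made for illustration. It places the shell-string construction the CVE-2023-39523 text describes next to a hardened form that validates `docker_reference` before any command exists and then passes it as a single argv element, so a `;` appended after `docker://` is rejected outright and, even if it were not, could never be parsed by a shell.

```python
"""Added example (hypothetical, not ScanCode.io's code): building a command
around a user-controlled docker reference, unsafe form beside the hardened form.
"""
import re
import subprocess

# Constructed, deliberately strict allow-list for `docker://` references:
# lowercase repository path, optional :tag, optional @sha256 digest. Anything
# else (whitespace, ';', '|', '$', quotes, ...) fails before a command is built.
DOCKER_REFERENCE_RE = re.compile(
    r"^docker://"
    r"[a-z0-9]+(?:[._-][a-z0-9]+)*(?:/[a-z0-9]+(?:[._-][a-z0-9]+)*)*"  # repository path
    r"(?::[A-Za-z0-9_][A-Za-z0-9._-]{0,127})?"                           # optional :tag
    r"(?:@sha256:[0-9a-f]{64})?$"                                         # optional @digest
)


class InvalidDockerReference(ValueError):
    """Raised when a reference does not match the allow-list."""


def build_inspect_command_unsafe(docker_reference: str) -> str:
    """The vulnerable pattern: user input interpolated into one string that a
    caller would hand to a shell (shell=True). Returned here, never executed,
    so the effect of a stray ';' can be inspected safely."""
    return f"skopeo inspect --raw {docker_reference}"


def validate_docker_reference(docker_reference: str) -> str:
    """Allow-list validation: raise instead of passing unexpected bytes on."""
    if not DOCKER_REFERENCE_RE.fullmatch(docker_reference):
        raise InvalidDockerReference(f"rejected docker reference: {docker_reference!r}")
    return docker_reference


def build_inspect_command_safe(docker_reference: str) -> list[str]:
    """Hardened pattern: validate first, then build an argv list. With a list
    and no shell, metacharacters can only ever be part of one literal argument."""
    validated = validate_docker_reference(docker_reference)
    return ["skopeo", "inspect", "--raw", validated]


def inspect_image(docker_reference: str, runner=subprocess.run) -> str:
    """Run the hardened command through `runner` (subprocess.run by default;
    injectable so the flow can be exercised offline) and return its stdout."""
    argv = build_inspect_command_safe(docker_reference)
    completed = runner(argv, capture_output=True, text=True, check=True)  # no shell=True
    return completed.stdout


if __name__ == "__main__":
    benign = "docker://alpine:3.18"                      # constructed sample input
    hostile = "docker://alpine:3.18; echo injected"      # constructed sample input
    print(build_inspect_command_unsafe(hostile))         # whole string would reach /bin/sh
    print(build_inspect_command_safe(benign))            # argv list, one element per argument
    try:
        build_inspect_command_safe(hostile)
    except InvalidDockerReference as exc:
        print("rejected:", exc)
```

The validation step is the part that maps to the advisory's "sanitize `docker_reference`" recommendation; the argv list is the part that maps to "avoid creating commands with user controlled input directly". Both are worth keeping: the allow-list gives a clear log line to alert on when someone submits a reference containing shell metacharacters, and the argv form means a gap in the regular expression does not by itself become command execution.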