CVE-2023-46808

An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation may lead to execution of commands in the context of non-root user.

CVSS v3 9.9 CRITICAL

9.9^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ivanti:neurons_for_itsm:*:*:*:*:*:*:*:*

History

01 Aug 2024, 13:45

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de carga de archivos en Ivanti ITSM anterior a 2023.4 permite a un usuario remoto autenticado realizar escrituras de archivos en el servidor. La explotación exitosa puede conducir a la ejecución de comandos en el contexto de un usuario no root.

01 Apr 2024, 15:31

Type	Values Removed	Values Added
CPE		cpe:2.3:a:ivanti:neurons_for_itsm::::::::
References	~~() https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM -~~	() https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM - Vendor Advisory
First Time		Ivanti neurons For Itsm Ivanti
CWE		CWE-434

31 Mar 2024, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-31 02:15

Updated : 2024-08-01 13:45

NVD link : CVE-2023-46808

Mitre link : CVE-2023-46808

CVE.ORG link : CVE-2023-46808

JSON object : View

Products Affected

ivanti

neurons_for_itsm

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2023-46808", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2024-03-31T02:15:08.757", "references": [{"url": "https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM", "tags": ["Vendor Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation may lead to execution of commands in the context of non-root user. "}, {"lang": "es", "value": "Una vulnerabilidad de carga de archivos en Ivanti ITSM anterior a 2023.4 permite a un usuario remoto autenticado realizar escrituras de archivos en el servidor. La explotaci\u00f3n exitosa puede conducir a la ejecuci\u00f3n de comandos en el contexto de un usuario no root."}], "lastModified": "2024-08-01T13:45:01.253", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ivanti:neurons_for_itsm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75BA7A8E-E2F2-41B3-9BD1-56CFC430887E", "versionEndExcluding": "2023.4"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}