CVE-2023-7078

Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external network interfaces (as was the default in wrangler until 3.19.0), an attacker on the local network could access other local servers.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/cloudflare/workers-sdk/pull/4532	Patch
https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cloudflare:miniflare:*:*:*:*:*:node.js:*:*

History

05 Jan 2024, 18:12

Type	Values Removed	Values Added
References	~~() https://github.com/cloudflare/workers-sdk/pull/4532 -~~	() https://github.com/cloudflare/workers-sdk/pull/4532 - Patch
References	~~() https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7 -~~	() https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7 - Patch, Third Party Advisory
CPE		cpe:2.3:a:cloudflare:miniflare::::::node.js::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.1
CWE		CWE-918

29 Dec 2023, 13:56

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-12-29 12:15

Updated : 2024-02-05 00:22

NVD link : CVE-2023-7078

Mitre link : CVE-2023-7078

CVE.ORG link : CVE-2023-7078

JSON object : View

Products Affected

cloudflare

miniflare

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2023-7078", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "cna@cloudflare.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 1.2}]}, "published": "2023-12-29T12:15:47.537", "references": [{"url": "https://github.com/cloudflare/workers-sdk/pull/4532", "tags": ["Patch"], "source": "cna@cloudflare.com"}, {"url": "https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7", "tags": ["Patch", "Third Party Advisory"], "source": "cna@cloudflare.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}, {"type": "Secondary", "source": "cna@cloudflare.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external network interfaces (as was the default in wrangler\u00a0until 3.19.0), an attacker on the local network could access other local servers.\n\n"}, {"lang": "es", "value": "El env\u00edo de solicitudes HTTP especialmente manipuladas al Miniflare's server podr\u00eda dar como resultado el env\u00edo de solicitudes HTTP y WebSocket arbitrarias desde el servidor. Si Miniflare estaba configurado para escuchar en interfaces de red externas (como era el valor predeterminado en Wrangler hasta 3.19.0), un atacante en la red local podr\u00eda acceder a otros servidores locales."}], "lastModified": "2024-01-05T18:12:41.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudflare:miniflare:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "67511B20-A2DE-4225-9355-59DADBDC39C2", "versionEndExcluding": "3.20231030.2", "versionStartIncluding": "3.20230821.0"}], "operator": "OR"}]}], "sourceIdentifier": "cna@cloudflare.com"}