CVE-2023-22947

CVSS V2 None CVSS V3 None
Description
** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake."
Overview
  • CVE ID
  • CVE-2023-22947
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-11T02:15:11
  • Last Modified Date
  • 2023-01-23T15:26:42
Weakness Enumerations
CWE URL
CWE-427 http://cwe.mitre.org/data/definitions/427.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:shibboleth:service_provider:*:*:*:*:*:*:*:* 1 OR 3.4.1
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://shibboleth.atlassian.net/browse/SSPCPP-961
https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335545/Install+on+Windows#Restricting-ACLs
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-22947
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22947
History
Created Old Value New Value Data Type Notes
2023-01-11 02:17:19 Added to TrackCVE
2023-01-12 05:17:06 2023-01-11T15:09:22 CVE Modified Date updated
2023-01-12 05:17:06 Received Awaiting Analysis Vulnerability Status updated
2023-01-18 13:14:33 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-23 16:14:25 2023-01-23T15:26:42 CVE Modified Date updated
2023-01-23 16:14:25 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-23 16:14:25 Weakness Enumeration new
2023-01-23 16:14:25 CPE Information updated