CVE-2023-46851

CVSS V2 None CVSS V3 None

Description

Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution. This issue affects Apache Allura from 1.0.1 through 1.15.0. Users are recommended to upgrade to version 1.16.0, which fixes the issue. If you are unable to upgrade, set "disable_entry_points.allura.importers = forge-tracker, forge-discussion" in your .ini config file.

Overview

CVE ID
CVE-2023-46851

Assigner
apache

Vulnerability Status
PUBLISHED

Published Version
2023-11-07T08:56:35.172Z

Last Modified Date
2023-11-07T08:56:35.172Z

Weakness Enumerations

CWE	URL
CWE-20	http://cwe.mitre.org/data/definitions/20.html
CWE-73	http://cwe.mitre.org/data/definitions/73.html
CWE-200	http://cwe.mitre.org/data/definitions/200.html

References

Reference URL	Reference Tags
https://allura.apache.org/posts/2023-allura-1.16.0.html	vendor-advisory
https://lists.apache.org/thread/hqk0vltl7qgrq215zgwjfoj0khbov0gx	vendor-advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-46851
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46851

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 22:22:06				Added to TrackCVE