Arbitrary File Upload Vulnerability in GeoServer Could Lead to Remote Code Execution
CVE-2023-51444

7.2 HIGH

Key Information:

Vendor: Geoserver

Status
Vendor
CVE Published: 20 March 2024

Badges

📰 News Worthy

What is CVE-2023-51444?

GeoServer, an open-source server for sharing and editing geospatial data, contains an arbitrary file upload vulnerability affecting versions prior to 2.23.4 and 2.24.1. An authenticated administrator who has been granted permission to modify coverage stores through the REST Coverage Store API can upload arbitrary file content to arbitrary locations. Coverage stores configured with relative paths include validation to prevent path traversal, whereas stores using absolute paths go through a different implementation that lacks such protection. Exploiting this issue can lead to arbitrary code execution, and an administrator with limited permissions could overwrite essential GeoServer security files to gain elevated privileges. The issue has been addressed in GeoServer versions 2.23.4 and 2.24.1.
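The defect the description points at is a containment check that exists on one code path (relative store paths) and is absent on the other (absolute store paths). The following Python is an added illustration, not GeoServer's own code: a hypothetical weak resolver that validates relative paths but passes absolute paths through unchecked, beside a hardened resolver that normalises both forms and requires the result to stay under the configured data directory. The data-directory location and file names are constructed sample values.

```python
"""Path-containment check for a store-path / upload endpoint.

Added example for CVE-2023-51444, not GeoServer code. Both resolvers are
hypothetical; the data-directory and file names used are constructed.
PurePosixPath is used so the logic runs offline without touching the disk.
"""
from pathlib import PurePosixPath


class PathTraversalError(ValueError):
    """Raised when a requested path would land outside the data directory."""


def _normalize(base: PurePosixPath, requested: str) -> PurePosixPath:
    """Return an absolute, '..'-free path for `requested`.

    Relative input is joined onto `base`; absolute input is taken as-is.
    PurePosixPath already drops '.' and repeated slashes but keeps '..',
    so parent references are collapsed here by hand.
    """
    req = PurePosixPath(requested)
    start = req if req.is_absolute() else base / req
    resolved: list[str] = []
    for part in start.parts[1:]:  # parts[0] is '/' for an absolute path
        if part == "..":
            if resolved:
                resolved.pop()  # '..' at the root stays at the root
        else:
            resolved.append(part)
    return PurePosixPath("/", *resolved)


def _within(base: PurePosixPath, target: PurePosixPath) -> bool:
    """True when `target` is `base` itself or lies somewhere below it."""
    return target == base or base in target.parents


def weak_resolve(data_dir: str, requested: str) -> str:
    """The pattern the advisory describes: relative paths are contained,
    absolute paths skip the check entirely."""
    base = _normalize(PurePosixPath("/"), data_dir)
    req = PurePosixPath(requested)
    if req.is_absolute():
        return str(req)  # no containment check on this branch: the defect
    target = _normalize(base, requested)
    if not _within(base, target):
        raise PathTraversalError(f"{requested!r} escapes {data_dir!r}")
    return str(target)


def hardened_resolve(data_dir: str, requested: str) -> str:
    """Every input, relative or absolute, is normalised and then required
    to stay under the data directory."""
    base = _normalize(PurePosixPath("/"), data_dir)
    target = _normalize(base, requested)
    if not _within(base, target):
        raise PathTraversalError(f"{requested!r} escapes {data_dir!r}")
    return str(target)


def accepts(resolver, data_dir: str, requested: str) -> bool:
    """Convenience wrapper: does `resolver` let this path through?"""
    try:
        resolver(data_dir, requested)
    except PathTraversalError:
        return False
    return True


if __name__ == "__main__":
    DATA_DIR = "/opt/geoserver/data_dir"  # constructed sample location
    candidates = (
        "coverages/dem.tif",                    # relative, inside
        "../other/file.txt",                    # relative, traverses out
        DATA_DIR + "/coverages/dem.tif",        # absolute, inside
        "/tmp/anything.txt",                    # absolute, outside
        DATA_DIR + "/../other/file.txt",        # absolute, traverses out
    )
    for candidate in candidates:
        print(f"{candidate:45} weak={accepts(weak_resolve, DATA_DIR, candidate)!s:5} "
              f"hardened={accepts(hardened_resolve, DATA_DIR, candidate)}")
```

Running the demo shows the two resolvers agreeing on every relative input and disagreeing on the absolute ones: the weak resolver accepts any absolute path verbatim, which is exactly the class of input the fixed GeoServer versions now validate. The design choice worth copying is that normalisation and the containment check happen once, on a single code path, regardless of how the input was spelled.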

Affected Version(s)

geoserver < 2.23.4

geoserver = 2.24.0

News Articles

墨知 - Software Supply Chain Security Technical Community

墨知 is the first technical community in China dedicated to the field of software supply chain security. It aims to provide millions of technical professionals in China with comprehensive, specialised software supply chain security content, covering cutting-edge techniques and best practices such as software supply chain security technology, vulnerability intelligence, open-source component security, SBOM, software composition analysis (SCA), and open-source licence compliance.

References

CVSS V3.1

Score: 7.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • 📰 First article discovered by zhi.oscs1024.com

  • Vulnerability published

  • Vulnerability Reserved