CVE-2023-5935

When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the configuration process. Such web interface lacks authentication and may thus be abused by a local attacker or malware running on the machine itself. A malicious local user or process, during a window of opportunity when the local web interface is active, may be able to extract sensitive information or change Arc's configuration. This could also lead to arbitrary code execution if a malicious update package is installed.

CVSS v3 7.4 HIGH

7.4^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.4 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://security.nozominetworks.com/NN-2023:13-01
https://security.nozominetworks.com/NN-2023:13-01

Configurations

No configuration.

History

21 Nov 2024, 08:42

Type	Values Removed	Values Added
References	~~() https://security.nozominetworks.com/NN-2023:13-01 -~~	() https://security.nozominetworks.com/NN-2023:13-01 -

15 May 2024, 16:40

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-15 16:15

Updated : 2024-11-21 08:42

NVD link : CVE-2023-5935

Mitre link : CVE-2023-5935

CVE.ORG link : CVE-2023-5935

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2023-5935", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "prodsec@nozominetworks.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.4}], "cvssMetricV40": [{"type": "Secondary", "source": "prodsec@nozominetworks.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 7.3, "automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-05-15T16:15:09.020", "references": [{"url": "https://security.nozominetworks.com/NN-2023:13-01", "source": "prodsec@nozominetworks.com"}, {"url": "https://security.nozominetworks.com/NN-2023:13-01", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "prodsec@nozominetworks.com", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the configuration process. Such web interface lacks authentication and may thus be abused by a local attacker or malware running on the machine itself.\n\n\n\nA malicious local user or process, during a window of opportunity when the local web interface is active, may be able to extract sensitive information or change Arc's configuration. This could also lead to arbitrary code execution if a malicious update package is installed."}, {"lang": "es", "value": "Al configurar Arc (por ejemplo, durante la primera configuraci\u00f3n), se proporciona una interfaz web local para facilitar el proceso de configuraci\u00f3n. Dicha interfaz web carece de autenticaci\u00f3n y, por lo tanto, un atacante local o un malware que se ejecuta en la propia m\u00e1quina pueden abusar de ella. Un usuario o proceso local malicioso, durante una ventana de oportunidad cuando la interfaz web local est\u00e1 activa, puede extraer informaci\u00f3n confidencial o cambiar la configuraci\u00f3n de Arc. Esto tambi\u00e9n podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario si se instala un paquete de actualizaci\u00f3n malicioso."}], "lastModified": "2024-11-21T08:42:48.670", "sourceIdentifier": "prodsec@nozominetworks.com"}