CVE-2023-41889 - Vulnerability Details - OpenCVE

ReportizFlow

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface after the normalization. The fix is initially performing the Unicode normalization and then strip for all whitespaces and then checking for a blank string. This issue has been fixed in version 1.18.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact partial

Vendors	Products
Ss-proj	Shirasagi

Configuration 1 [-]

cpe:2.3:a:ss-proj:shirasagi:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72
https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r
https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks

History

Wed, 25 Sep 2024 19:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-09-15T20:09:27.714Z

Updated: 2024-09-25T18:54:14.277Z

Reserved: 2023-09-04T16:31:48.225Z

Link: CVE-2023-41889

Vulnrichment

Updated: 2024-08-02T19:09:49.346Z

NVD

Status : Modified

Published: 2023-09-15T21:15:11.503

Modified: 2024-11-21T08:21:51.613

Link: CVE-2023-41889

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41889", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-09-04T16:31:48.225Z", "datePublished": "2023-09-15T20:09:27.714Z", "dateUpdated": "2024-09-25T18:54:14.277Z"}, "containers": {"cna": {"title": "Late-Unicode normalization vulnerability in SHIRASAGI", "problemTypes": [{"descriptions": [{"cweId": "CWE-176", "lang": "en", "description": "CWE-176: Improper Handling of Unicode Encoding", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r"}, {"name": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72", "tags": ["x_refsource_MISC"], "url": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72"}, {"name": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks", "tags": ["x_refsource_MISC"], "url": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks"}], "affected": [{"vendor": "shirasagi", "product": "shirasagi", "versions": [{"version": "< 1.18.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-09-15T20:09:27.714Z"}, "descriptions": [{"lang": "en", "value": "SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface after the normalization. The fix is initially performing the Unicode normalization and then strip for all whitespaces and then checking for a blank string. This issue has been fixed in version 1.18.0.\n"}], "source": {"advisory": "GHSA-xr45-c2jv-2v9r", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:09:49.346Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r"}, {"name": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72"}, {"name": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-25T18:54:02.669560Z", "id": "CVE-2023-41889", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T18:54:14.277Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r", "name": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72", "name": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks", "name": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:09:49.346Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-41889", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-25T18:54:02.669560Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T18:54:09.761Z"}}], "cna": {"title": "Late-Unicode normalization vulnerability in SHIRASAGI", "source": {"advisory": "GHSA-xr45-c2jv-2v9r", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "shirasagi", "product": "shirasagi", "versions": [{"status": "affected", "version": "< 1.18.0"}]}], "references": [{"url": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r", "name": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72", "name": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72", "tags": ["x_refsource_MISC"]}, {"url": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks", "name": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface after the normalization. The fix is initially performing the Unicode normalization and then strip for all whitespaces and then checking for a blank string. This issue has been fixed in version 1.18.0.\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-176", "description": "CWE-176: Improper Handling of Unicode Encoding"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-09-15T20:09:27.714Z"}}}, "cveMetadata": {"cveId": "CVE-2023-41889", "state": "PUBLISHED", "dateUpdated": "2024-09-25T18:54:14.277Z", "dateReserved": "2023-09-04T16:31:48.225Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-09-15T20:09:27.714Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ss-proj:shirasagi:*:*:*:*:*:*:*:*", "matchCriteriaId": "96B19CE9-B96E-4A30-9053-7532F1EF6684", "versionEndExcluding": "1.18.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface after the normalization. The fix is initially performing the Unicode normalization and then strip for all whitespaces and then checking for a blank string. This issue has been fixed in version 1.18.0.\n"}, {"lang": "es", "value": "SHIRASAGI es un sistema de gesti\u00f3n de contenidos. Antes de la versi\u00f3n 1.18.0, SHIRASAGI era vulnerable a un problema de normalizaci\u00f3n posterior a Unicode. Esto sucede cuando se realiza una validaci\u00f3n l\u00f3gica o una verificaci\u00f3n de seguridad antes de una normalizaci\u00f3n Unicode. El car\u00e1cter Unicode equivalente a un car\u00e1cter resurgir\u00eda despu\u00e9s de la normalizaci\u00f3n. La soluci\u00f3n consiste inicialmente en realizar la normalizaci\u00f3n Unicode y luego eliminar todos los espacios en blanco y luego comprobar si hay una cadena en blanco. Este problema se solucion\u00f3 en la versi\u00f3n 1.18.0."}], "id": "CVE-2023-41889", "lastModified": "2024-11-21T08:21:51.613", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-09-15T21:15:11.503", "references": [{"source": "[email protected]", "tags": ["Product"], "url": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72"}, {"source": "[email protected]", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r"}, {"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://github.com/shirasagi/shirasagi/blob/f249ce3f06f6bfbc0017b38f5c13de424334c3ea/app/models/concerns/rdf/object.rb#L68-L72"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/shirasagi/shirasagi/security/advisories/GHSA-xr45-c2jv-2v9r"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://sim4n6.beehiiv.com/p/unicode-characters-bypass-security-checks"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-176"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-116"}], "source": "[email protected]", "type": "Primary"}]}