Vulnerability Details : CVE-2023-26470
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to make the farm unusable by adding an object with a huge object number (e.g. 67108863) to a page. Most of the time this will fill the memory allocated to XWiki and make it unusable every time this document is manipulated. This issue has been patched in XWiki 14.0-rc-1.
Vulnerability category: Memory Corruption
Products affected by CVE-2023-26470
- cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-26470
- EPSS score: 0.14% (probability of exploitation activity in the next 30 days)
- Percentile: ~51% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2023-26470
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | 
5.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H | 2.1 | 3.6 | GitHub, Inc. | 
CWE ids for CVE-2023-26470
- The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. Assigned by: security-advisories@github.com (Secondary)
- The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-26470
- https://github.com/xwiki/xwiki-platform/commit/fdfce062642b0ac062da5cda033d25482f4600fa (Patch): XWIKI-19223: Improve xobject memory storage in XWikiDocument · xwiki/xwiki-platform@fdfce06
- https://github.com/xwiki/xwiki-platform/commit/db3d1c62fc5fb59fefcda3b86065d2d362f55164 (Patch): XWIKI-19223: Improve xobject memory storage in XWikiDocument · xwiki/xwiki-platform@db3d1c6
- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-92wp-r7hm-42g7 (Exploit; Vendor Advisory): Saving a document with a large object number leads to persistent OOM errors · Advisory · xwiki/xwiki-platform
- https://jira.xwiki.org/browse/XWIKI-19223 (Exploit; Issue Tracking; Patch; Vendor Advisory): [XWIKI-19223] Saving a document with a large object number leads to persistent OOM errors · XWiki.org JIRA
- https://github.com/xwiki/xwiki-platform/commit/04e5a89d2879b160cdfaea846024d3d9c1a525e6 (Patch)