Vulnerability Details : CVE-2023-40180
silverstripe-graphql is a package that serves Silverstripe data in GraphQL representations. An attacker could use a recursive GraphQL query to execute a Distributed Denial of Service (DDoS) attack against a website. This mostly affects websites with publicly exposed GraphQL schemas. If your Silverstripe CMS project does not expose a public-facing GraphQL schema, a user account is required to trigger the attack. If your site is hosted behind a content delivery network (CDN), such as Imperva or CloudFlare, this may further mitigate the risk. This issue has been addressed in versions 3.8.2, 4.1.3, 4.2.5, 4.3.4, and 5.0.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
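The weakness described above is the absence of a bound on how deeply a query may nest selection sets, so a query that follows a self-referential relation many levels down forces the server to resolve work that grows with every level. The following is an added example, not code from the CVE record or from the silverstripe-graphql project, showing the class of check a fix introduces: measure the nesting depth of an incoming query before executing it and reject it when it exceeds a configured limit. The scanner, the limit value and the helper that constructs a recursive test query are assumptions for illustration; the real package's configuration is documented in the "Recursive or complex queries" reference listed below.

```python
"""Pre-execution query-depth guard for a GraphQL endpoint.

Added example (not silverstripe-graphql code). The depth of a query is
the deepest nesting of selection sets ({ ... }); the outermost braces of
the operation count as depth 1. Braces inside string literals and inside
'#' comments are skipped so that they cannot skew the count.
"""


class QueryTooDeep(ValueError):
    """Raised when a query nests deeper than the configured limit."""


def selection_depth(query: str) -> int:
    """Return the maximum selection-set nesting depth of a GraphQL query."""
    depth = max_depth = 0
    i, n = 0, len(query)
    while i < n:
        ch = query[i]
        if ch == "#":                      # comment runs to end of line
            while i < n and query[i] != "\n":
                i += 1
            continue
        if ch == '"':
            if query.startswith('"""', i):  # block string """..."""
                end = query.find('"""', i + 3)
                i = n if end == -1 else end + 3
                continue
            i += 1                         # ordinary string, honour \" escapes
            while i < n and query[i] != '"':
                if query[i] == "\\":
                    i += 1
                i += 1
            i += 1
            continue
        if ch == "{":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch == "}":
            depth -= 1
            if depth < 0:
                raise ValueError("unbalanced braces in query")
        i += 1
    if depth != 0:
        raise ValueError("unbalanced braces in query")
    return max_depth


def check_query_depth(query: str, max_depth: int = 10) -> int:
    """Return the query's depth, or raise QueryTooDeep if it exceeds max_depth.

    max_depth=10 is an assumed default for this example, not a project value.
    """
    depth = selection_depth(query)
    if depth > max_depth:
        raise QueryTooDeep(f"query depth {depth} exceeds limit {max_depth}")
    return depth


def query_allowed(query: str, max_depth: int = 10) -> bool:
    """Boolean form of the guard, convenient for a request pipeline."""
    try:
        check_query_depth(query, max_depth)
        return True
    except QueryTooDeep:
        return False


def build_recursive_query(levels: int) -> str:
    """Construct (for testing only) a query that follows a hypothetical
    'parent' relation `levels` times; its depth is levels + 2."""
    body = "id"
    for _ in range(levels):
        body = "parent { " + body + " }"
    return "{ page { " + body + " } }"


if __name__ == "__main__":
    # Constructed samples: a shallow query passes, a deeply recursive one is
    # rejected before any resolver runs.
    print(selection_depth('{ page(title: "{not a brace}") { id } }'))
    print(query_allowed(build_recursive_query(3)))
    print(query_allowed(build_recursive_query(50)))
```

The guard runs on the raw query text, before parsing or resolution, so the cost of rejecting an abusive request stays constant regardless of how deep it nests. In a real deployment the limit should be set just above the deepest legitimate query the schema needs, and depth limiting is usually paired with a query-complexity (cost) limit, since a wide but shallow query can also be expensive.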
Vulnerability category: Denial of service
Products affected by CVE-2023-40180
- cpe:2.3:a:silverstripe:graphql:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-40180
- EPSS score: 0.13% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~49% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-40180
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | 
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | GitHub, Inc. | 
CWE ids for CVE-2023-40180
- The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. (Assigned by: security-advisories@github.com, Primary)
References for CVE-2023-40180
- https://www.silverstripe.org/download/security-releases/CVE-2023-40180 (Vendor Advisory): CVE-2023-40180 - DDOS Vulnerability on GraphQL due to lack of protection against recursive queries » Silverstripe CMS
- https://github.com/silverstripe/silverstripe-graphql/commit/f6d5976ec4608e51184b0db1ee5b9e9a99d2501c (Patch): [CVE-2023-40180] Add protection against recursive queries (#558) · silverstripe/silverstripe-graphql@f6d5976 · GitHub
- https://github.com/silverstripe/silverstripe-graphql/tree/3.8#recursive-or-complex-queries (Third Party Advisory): GitHub - silverstripe/silverstripe-graphql at 3.8
- https://github.com/silverstripe/silverstripe-graphql/security/advisories/GHSA-v23w-pppm-jh66 (Third Party Advisory): DDOS Vulnerability on GraphQL due to lack of protection against recursive queries · Advisory · silverstripe/silverstripe-graphql · GitHub
- https://docs.silverstripe.org/en/developer_guides/graphql/security_and_best_practices/recursive_or_complex_queries (Mitigation): Recursive or complex queries | Silverstripe CMS Documentation