Vulnerability Details : CVE-2023-43116
Potential exploit
A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.
Products affected by CVE-2023-43116
- cpe:2.3:a:buildkite:elastic_ci_stack:*:*:*:*:*:aws:*:*
- cpe:2.3:a:buildkite:elastic_ci_stack:*:*:*:*:*:aws:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-43116
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-43116
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-01-03 |
CWE ids for CVE-2023-43116
-
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-43116
-
https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0003.md
advisories/ATREDIS-2023-0003.md at master · atredispartners/advisories · GitHubExploit;Third Party Advisory
Jump to