Vulnerability Details : CVE-2023-43208
Public exploit exists!
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679.
Vulnerability category: Execute code
Products affected by CVE-2023-43208
- cpe:2.3:a:nextgen:mirth_connect:*:*:*:*:*:*:*:*
CVE-2023-43208 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability
CISA required action:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CISA description:
NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.
Notes:
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://github.com/nextgenhealthcare/connect/wiki/4.4.1---What%27s-New
Added on
2024-05-20
Action due date
2024-06-10
Exploit prediction scoring system (EPSS) score for CVE-2023-43208
97.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2023-43208
-
Mirth Connect Deserialization RCE
Disclosure Date: 2023-10-25First seen: 2024-01-31exploit/multi/http/mirth_connect_cve_2023_43208A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was
CVSS scores for CVE-2023-43208
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-07-03 |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2023-43208
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
References for CVE-2023-43208
-
https://www.horizon3.ai/nextgen-mirth-connect-remote-code-execution-vulnerability-cve-2023-43208/
NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208) – Horizon3.aiExploit;Third Party Advisory
-
http://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html
Mirth Connect 4.4.0 Remote Command Execution ≈ Packet StormExploit;Third Party Advisory;VDB Entry
Jump to