Vulnerability Details : CVE-2023-43320
Public exploit exists!
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 through v.8.0, Proxmox Backup Server v.1.1 through v.3.0, and Proxmox Mail Gateway v.7.1 through v.8.0 allows a remote authenticated attacker to escalate privileges by bypassing the two-factor authentication component.
Products affected by CVE-2023-43320
- cpe:2.3:a:proxmox:proxmox_mail_gateway:*:*:*:*:*:*:*:*
- cpe:2.3:a:proxmox:virtual_environment:*:*:*:*:*:*:*:*
- cpe:2.3:a:proxmox:backup_server:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-43320
0.15% — Probability of exploitation activity in the next 30 days
EPSS Score History
~51% — Percentile, the proportion of vulnerabilities that are scored at or below this score
CVSS scores for CVE-2023-43320
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | 
References for CVE-2023-43320
- https://bugzilla.proxmox.com/show_bug.cgi?id=4579 : "4579 – Improve resiliency against TOTP brute force if account credentials already leaked" (Issue Tracking; Vendor Advisory)
- https://bugzilla.proxmox.com/show_bug.cgi?id=4584 : "4584 – restrict user after multiple failed TOTP second factor auth tries in a row" (Issue Tracking; Vendor Advisory)
- http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html : "Proxmox VE 7.4-1 TOTP Brute Force" (Packet Storm)
- https://github.com/proxmox/proxmox-rs/commit/50b793db8d3421bbfe2bce060a486263f18a90cb : "tfa: add data for rate limiting and blocking" (proxmox/proxmox-rs@50b793d, GitHub; Patch)