CVE-2023-6908 : A vulnerability, which was classified as problematic, was found in DFIRKuiper Ku

A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzip_file of the file kuiper/app/controllers/case_management.py of the component TAR Archive Handler. The manipulation of the argument dst_path leads to path traversal. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 2.3.5 is able to address this issue. The identifier of the patch is 94fa135153002f651f5526c55a7240e083db8d73. It is recommended to upgrade the affected component. The identifier VDB-248277 was assigned to this vulnerability.

Published 2023-12-18 04:15:52

Updated 2024-05-17 02:34:00

Source VulDB

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2023-6908

Dfirkuiper » Kuiper » Version: 2.3.4
cpe:2.3:a:dfirkuiper:kuiper:2.3.4:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-6908

EPSS FAQ

0.13%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 33 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-6908

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.6	LOW	AV:N/AC:H/Au:N/C:N/I:P/A:N	4.9	2.9	VulDB
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
3.1	LOW	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N	1.6	1.4	VulDB
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: Low Availability: None
5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

CWE ids for CVE-2023-6908

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Assigned by: cna@vuldb.com (Primary)

References for CVE-2023-6908

https://github.com/DFIRKuiper/Kuiper/commit/94fa135153002f651f5526c55a7240e083db8d73

Fix path traversal vulnerability when extracting tar files · DFIRKuiper/Kuiper@94fa135 · GitHub
Patch
https://vuldb.com/?id.248277

Third Party Advisory
https://github.com/DFIRKuiper/Kuiper/pull/106

Fix path traversal vulnerability when extracting tar files by heck-gd · Pull Request #106 · DFIRKuiper/Kuiper · GitHub
Patch
https://vuldb.com/?ctiid.248277

Permissions Required;Third Party Advisory
https://github.com/DFIRKuiper/Kuiper/releases/tag/v2.3.5

Release v2.3.5 · DFIRKuiper/Kuiper · GitHub
Release Notes

Jump to

Vulnerability Details : CVE-2023-6908

Products affected by CVE-2023-6908

Exploit prediction scoring system (EPSS) score for CVE-2023-6908

CVSS scores for CVE-2023-6908

CWE ids for CVE-2023-6908

References for CVE-2023-6908