Vulnerability Description
Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. This issue was fixed in version 9.23.0.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Monospace | Directus | < 9.23.0 |
Related Weaknesses (CWE)
References
- https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833dPatch
- https://github.com/directus/directus/releases/tag/v9.23.0Release Notes
- https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537hExploitThird Party Advisory
- https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833dPatch
- https://github.com/directus/directus/releases/tag/v9.23.0Release Notes
- https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537hExploitThird Party Advisory
FAQ
What is CVE-2023-26492?
CVE-2023-26492 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/...
How severe is CVE-2023-26492?
CVE-2023-26492 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-26492?
Check the references section above for vendor advisories and patch information. Affected products include: Monospace Directus.