Vulnerability Description
Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: * list * show * rewrite * update An attacker can leak the session component using an HTML-like output, insert the session as an external resource (such as an image), or store the credential in a _local document with an "update" function. For the attack to succeed the attacker has to be able to insert the design documents into the database, then manipulate a user to access a function from that design document. Workaround: Avoid using design documents from untrusted sources which may attempt to access or manipulate request object's headers
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Couchdb | <= 3.3.2 |
Related Weaknesses (CWE)
References
- https://docs.couchdb.org/en/stable/cve/2023-45725.htmlPatchVendor Advisory
- https://lists.apache.org/thread/pqjq9zt8vq9rsobkc1cow9sqm9vozlrgMailing ListVendor Advisory
- https://docs.couchdb.org/en/stable/cve/2023-45725.htmlPatchVendor Advisory
- https://lists.apache.org/thread/pqjq9zt8vq9rsobkc1cow9sqm9vozlrgMailing ListVendor Advisory
FAQ
What is CVE-2023-45725?
CVE-2023-45725 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: * ...
How severe is CVE-2023-45725?
CVE-2023-45725 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-45725?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Couchdb.