CVE-2023-46128

Exposure of hashed user passwords via REST API in Nautobot

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the `?depth=<N>` query parameter, can expose hashed user passwords as stored in the database to any authenticated user with access to these endpoints. The passwords are not exposed in plaintext. This vulnerability has been patched in version 2.0.3.

Nautobot es una plataforma de automatización de redes construida como una aplicación web sobre el framework Django Python con una base de datos PostgreSQL o MySQL. En Nautobot 2.0.x, ciertos endpoints de la API REST, en combinación con el parámetro de consulta `? Depth=`, pueden exponer contraseñas de usuario con hash almacenadas en la base de datos a cualquier usuario autenticado con acceso a estos endpoints. Las contraseñas no están expuestas en texto plano. Esta vulnerabilidad ha sido parcheada en la versión 2.0.3.

*Credits: N/A

CVSS Scores

NISTv3.1 6.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-16 CVE Reserved
2023-10-24 CVE Published
2024-09-11 CVE Updated
2024-09-11 First Exploit
2024-10-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-312: Cleartext Storage of Sensitive Information

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC
https://github.com/nautobot/nautobot/security/advisories/GHSA-r2hw-74xv-4gqp	2024-09-11

URL	Date	SRC
https://github.com/nautobot/nautobot/commit/1ce8e5c658a075c29554d517cd453675e5d40d71	2023-11-01
https://github.com/nautobot/nautobot/pull/4692	2023-11-01

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Networktocode Search vendor "Networktocode"		Nautobot Search vendor "Networktocode" for product "Nautobot"				>= 2.0.0 < 2.0.3 Search vendor "Networktocode" for product "Nautobot" and version " >= 2.0.0 < 2.0.3"		-		Affected