CVE-2023-5256

Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

Severity Score: 7.5 (*CVSS v3.1)
Exploit Likelihood: (*EPSS)
Affected Versions: (*CPE)
Public Exploits: 0 (*Multiple Sources)
Exploited in Wild: - (*KEV)
Decision: Track* (*SSVC)

Descriptions

In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation.

This vulnerability only affects sites with the JSON:API module enabled, and can be mitigated by uninstalling JSON:API.

The core REST and contributed GraphQL modules are not affected.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: Track*
  • Exploitation: None
  • Automatable: No
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2023-09-28 CVE Reserved
  • 2023-09-28 CVE Published
  • 2024-09-23 CVE Updated
  • 2024-10-04 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
  • CAPEC-141: Cache Poisoning
References (1)
  • https://www.drupal.org/sa-core-2023-006 (2023-10-05)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Drupal | Drupal | >= 8.7.0 < 9.5.11 | - | Affected
Drupal | Drupal | >= 10.0.0 < 10.0.11 | - | Affected
Drupal | Drupal | >= 10.1.0 < 10.1.4 | - | Affected