Login Sign Up

CVE-2023-32687

7.7 HIGH
Authentication Bypass

📋 TL;DR

This vulnerability allows users with the 'list chat bots' permission in tgstation-server to read chat bot connection strings without proper authorization. It affects tgstation-server versions 4.7.0 through 5.12.0. This exposes sensitive credentials that could be used to compromise chat bot integrations.

💻 Affected Systems

Products:
  • tgstation-server
Versions: 4.7.0 through 5.12.0
Operating Systems: All platforms running tgstation-server
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects users with 'list chat bots' permission. Default configurations may grant this permission to some users.

📦 What is this software?

Tgstation Server by Tgstation13

View all CVEs affecting Tgstation Server →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers obtain chat bot connection strings, use them to impersonate bots, send malicious messages, or gain unauthorized access to integrated services.

🟠

Likely Case

Unauthorized users access sensitive connection strings, potentially leading to credential theft and chat bot account compromise.

🟢

If Mitigated

Minimal impact with proper permission controls and credential rotation after patching.

🌐 Internet-Facing: MEDIUM - Only affects authenticated users with specific permissions, but exposed credentials could lead to broader compromise.
🏢 Internal Only: MEDIUM - Internal users with list permissions can access credentials they shouldn't see, enabling privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access with 'list chat bots' permission. The vulnerability is straightforward to exploit once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.12.1

Vendor Advisory: https://github.com/tgstation/tgstation-server/security/advisories/GHSA-rv76-495p-g7cp

Restart Required: Yes

Instructions:

1. Backup your current configuration. 2. Update tgstation-server to version 5.12.1 or later. 3. Restart the tgstation-server service. 4. Verify the update was successful.

🔧 Temporary Workarounds

Remove list chat bots permission

all

Remove the 'list chat bots' permission from users who should not have access to connection strings.

# Use tgstation-server admin interface or API to modify user permissions

🧯 If You Can't Patch

  • Immediately remove 'list chat bots' permission from all users who don't need it
  • Rotate all chat bot connection credentials and invalidate old ones

🔍 How to Verify

Check if Vulnerable:

Check if running tgstation-server version 4.7.0 through 5.12.0 and if any users have 'list chat bots' permission.

Check Version:

tgstation-server --version

Verify Fix Applied:

Verify version is 5.12.1 or later and test that users without proper permissions cannot view connection strings.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to chat bot endpoints
  • Users viewing connection strings without proper permissions

Network Indicators:

  • Unusual API calls to chat bot management endpoints

SIEM Query:

tgstation-server AND (chat_bot OR connection_string) AND permission

📊 Metadata

CVE ID: CVE-2023-32687
CVSS v3 Score: 7.7 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE: CWE-522
Published: May 29, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-32687, you might also want to check these:

CVE-2024-51545 10.0

This CVE describes a username enumeration vulnerability in ABB industrial control system products th...

Same vulnerability type (CWE-522)
CVE-2021-30116 10.0

CVE-2021-30116 is an authentication bypass vulnerability in Kaseya VSA that allows unauthenticated a...

Same vulnerability type (CWE-522)
CVE-2025-0867 9.9

This vulnerability allows standard users to execute commands with administrative privileges through ...

Same vulnerability type (CWE-522)