CVE-2023-38846

Severity: 7.5 (HIGH)

📋 TL;DR

CVE-2023-38846 is an information disclosure vulnerability in Marbre Lapin Line v.13.6.1 that allows remote attackers to obtain sensitive information via crafted GET requests. It affects deployments running the vulnerable version and may expose confidential data to unauthorized parties.

💻 Affected Systems

Products:
  • Marbre Lapin Line
Versions: v.13.6.1
Operating Systems: Not specified
Default Config Vulnerable: ⚠️ Yes
Notes: Specific configurations that might increase or decrease vulnerability are not detailed in available references.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete exposure of sensitive system information, configuration details, or user data, leading to further attacks or data breaches.

🟠 Likely Case: Partial information disclosure revealing system details that could facilitate targeted attacks.

🟢 If Mitigated: Limited or no data exposure with proper access controls and network segmentation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Crafted GET requests require no special tooling or authentication, so this vulnerability is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch instructions available. Monitor vendor channels for updates.

🔧 Temporary Workarounds

Restrict Network Access

Limit access to the vulnerable service to trusted networks only. Use firewall rules to restrict inbound connections to specific IP ranges.

Implement Web Application Firewall

Deploy a WAF to filter malicious GET requests. Configure WAF rules to block suspicious GET request patterns.

🧯 If You Can't Patch

  • Isolate the vulnerable system in a segmented network to limit exposure.
  • Monitor logs for unusual GET request patterns and implement alerting.

🔍 How to Verify

Check if Vulnerable:

Confirm whether the deployment is running Marbre Lapin Line v.13.6.1. Testing with crafted GET requests against a non-production copy will show whether sensitive information is returned.

Check Version:

Consult the application documentation for the version query command specific to Marbre Lapin Line.

Verify Fix Applied:

After updating to a patched version (if one becomes available), retest with the same crafted GET requests and confirm that no sensitive information is returned.

📡 Detection & Monitoring

Log Indicators:

  • Unusual GET requests with crafted parameters
  • Increased volume of GET requests to sensitive endpoints

Network Indicators:

  • Traffic patterns showing repeated GET requests with unusual parameters

SIEM Query (pseudo-query; "sensitive" and "crafted_pattern" are placeholders to replace with the application's actual endpoint paths and the request patterns observed in your environment):

source="web_server" AND method="GET" AND (uri CONTAINS "sensitive" OR parameters MATCHES "crafted_pattern")
