CVE-2023-39047

7.5 HIGH

📋 TL;DR

CVE-2023-39047 is an information disclosure vulnerability in shouzu sweets oz v13.6.1 that allows attackers to obtain channel access tokens. This enables unauthorized message sending through affected channels. Organizations using this specific version of shouzu sweets oz are affected.

💻 Affected Systems

Products:
  • shouzu sweets oz
Versions: v13.6.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the channel access token handling mechanism in this version.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain channel access tokens and send malicious messages to all channel subscribers, potentially spreading malware, phishing links, or misinformation.

🟠 Likely Case

Attackers gain unauthorized access to channel messaging capabilities, allowing them to send spam or malicious content to subscribers.

🟢 If Mitigated

With proper access controls and monitoring, impact is limited to potential temporary disruption of channel communications.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability allows information disclosure that leads to token exposure, enabling subsequent message crafting.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Access Token Rotation (applies to: all)

Manually rotate all channel access tokens to invalidate any potentially exposed credentials.

Use platform-specific token rotation procedures.

Network Segmentation (applies to: all)

Restrict network access to the shouzu sweets oz application to trusted sources only.

Configure firewall rules to limit inbound connections.

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure
  • Monitor channel activity logs for unauthorized message sending attempts

🔍 How to Verify

Check if Vulnerable:

Check whether the deployment is running shouzu sweets oz version 13.6.1.

Check Version:

Check the application configuration or documentation for version information.

Verify Fix Applied:

Confirm the running version is no longer 13.6.1 and test that channel access tokens are no longer disclosed.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to token endpoints
  • Unusual message sending patterns

Network Indicators:

  • Unexpected API calls to token-related endpoints
  • Anomalous outbound message traffic

SIEM Query:

source="shouzu-sweets-oz" AND (event_type="token_access" OR event_type="message_send") AND status="unauthorized"
