CVE-2023-39050 – CVE-2023-39050 is an information disclosure vul... (How to Fix)

Q: What is the severity of CVE-2023-39050?

CVE-2023-39050 has a CVSS score of 7.5 (HIGH). CVE-2023-39050 is an information disclosure vulnerability in Daiky-value.Fukueten v13.6.1 that allows attackers to obtain channel access tokens. This enables unauthorized message sending and potential account compromise. Organizations using this specific version of the software are affected.

📋 TL;DR

CVE-2023-39050 is an information disclosure vulnerability in Daiky-value.Fukueten v13.6.1 that allows attackers to obtain channel access tokens. This enables unauthorized message sending and potential account compromise. Organizations using this specific version of the software are affected.

💻 Affected Systems

Products:

Daiky-value.Fukueten

Versions: v13.6.1

Operating Systems: All platforms running the vulnerable software

Default Config Vulnerable: ⚠️ Yes

Notes: Only version 13.6.1 is confirmed vulnerable; other versions may also be affected but not confirmed.

📦 What is this software?

Line Mini App by Lycorp

View all CVEs affecting Line Mini App →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full control of communication channels, send malicious messages to users, impersonate legitimate services, and potentially compromise user accounts through phishing or token misuse.

🟠

Likely Case

Attackers obtain access tokens and send unauthorized messages through the platform, potentially spreading malware or conducting phishing campaigns using the compromised channel.

🟢

If Mitigated

With proper network segmentation and monitoring, impact is limited to isolated channel compromise with quick detection and token revocation.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

The vulnerability allows unauthenticated attackers to leak tokens and craft messages without complex exploitation steps.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Upgrade to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Network Isolation

linux

Restrict network access to the vulnerable service to trusted IPs only

iptables -A INPUT -p tcp --dport [service_port] -s [trusted_ip] -j ACCEPT
iptables -A INPUT -p tcp --dport [service_port] -j DROP

Token Rotation

all

Regularly rotate channel access tokens to limit exposure window

🧯 If You Can't Patch

Implement strict network access controls to limit exposure
Monitor for unusual message sending patterns and token usage

🔍 How to Verify

Check if Vulnerable:

Check if running Daiky-value.Fukueten version 13.6.1 via version command or configuration files

Check Version:

Check application configuration or documentation for version information

Verify Fix Applied:

Verify version is not 13.6.1 and test token access controls

📡 Detection & Monitoring

Log Indicators:

Unusual token generation patterns
Unauthorized message sending attempts
Multiple failed authentication attempts

Network Indicators:

Unexpected outbound messages from the service
Traffic to unusual endpoints

SIEM Query:

source="daiky_logs" AND (event="token_leak" OR event="unauthorized_message")

📊 Metadata

CVE ID: CVE-2023-39050

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

Published: November 2, 2023

Last Updated: November 21, 2024

🔗 References

https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39050.md Exploit,Third Party Advisory
https://liff.line.me/1657264266-MPKmV0nq Product
https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39050.md Exploit,Third Party Advisory
https://liff.line.me/1657264266-MPKmV0nq Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-39050, you might also want to check these: