CVE-2023-47322

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in Silverpeas Core allows attackers to escalate privileges by tricking authenticated administrators into visiting malicious URLs. When exploited, it can grant administrative access to attackers within the Silverpeas application. All administrators using vulnerable versions are at risk.

💻 Affected Systems

Products:
  • Silverpeas Core
Versions: 6.3.1
Operating Systems: All platforms running Silverpeas
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where administrators authenticate to Silverpeas and could be tricked into visiting malicious URLs.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the Silverpeas application with the attacker gaining administrative privileges, potentially leading to data theft, system takeover, or further attacks.

🟠 Likely Case

Attacker gains administrative access to Silverpeas, enabling user account manipulation, data access, and configuration changes.

🟢 If Mitigated

Limited impact with proper CSRF protections, network segmentation, and administrative awareness.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to lure authenticated administrators to malicious sites.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.3.2 or later

Vendor Advisory: http://silverpeas.com

Restart Required: Yes

Instructions:

1. Back up the Silverpeas installation and data.
2. Download and install Silverpeas Core 6.3.2 or later from official sources.
3. Restart the Silverpeas application server.
4. Verify functionality.

🔧 Temporary Workarounds

CSRF Token Implementation

Applies to: all

Implement anti-CSRF tokens for all state-changing operations in Silverpeas.

Requires custom development: bind a per-session token to every state-changing form (starting with the userModify feature) and reject requests that do not carry it.

SameSite Cookie Attribute

Applies to: all

Set the SameSite=Strict attribute on session cookies.

Configure the application server to set SameSite=Strict on Silverpeas session cookies, so the browser does not attach the session to requests initiated from another site.
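The two workarounds above (a per-session anti-CSRF token on state-changing operations, and SameSite=Strict on the session cookie) are easiest to understand side by side. The following Python is an added example, not Silverpeas code: it models a hypothetical userModify handler with an in-memory session store and a cookie named SESSIONID (an assumed name; the real Silverpeas cookie name is not given on this page), and shows that a cross-site request, which carries the cookie but cannot carry the token, is refused.

```python
import hmac
import secrets
from http.cookies import SimpleCookie

# Assumed cookie name; this page does not state Silverpeas's real session cookie name.
SESSION_COOKIE = "SESSIONID"

# Hypothetical in-memory session store: session id -> anti-CSRF token bound to it.
_sessions: dict[str, str] = {}


def start_session() -> tuple[str, str]:
    """Create a session and bind a fresh, unguessable CSRF token to it.

    The token is rendered into the admin UI's forms as a hidden field, so only a
    page served from our own origin can read it and send it back.
    """
    sid = secrets.token_urlsafe(32)
    token = secrets.token_urlsafe(32)
    _sessions[sid] = token
    return sid, token


def session_cookie_header(sid: str) -> str:
    """Build the Set-Cookie header for the session id (SameSite workaround).

    SameSite=Strict stops the browser from attaching the cookie to any request
    initiated from another site, so a forged userModify request arrives without
    a session at all.
    """
    cookie = SimpleCookie()
    cookie[SESSION_COOKIE] = sid
    morsel = cookie[SESSION_COOKIE]
    morsel["samesite"] = "Strict"
    morsel["httponly"] = True
    morsel["secure"] = True
    morsel["path"] = "/"
    return cookie.output(header="Set-Cookie:").strip()


def verify_state_change(request: dict) -> tuple[int, str]:
    """Gate a state-changing request such as the hypothetical userModify handler.

    `request` is a constructed dict with keys: method, cookies (dict), form (dict).
    Returns an (HTTP status, message) pair.
    """
    if request["method"] != "POST":
        # State changes over GET are forgeable with a plain link or <img> tag.
        return 405, "state changes must use POST"
    sid = request["cookies"].get(SESSION_COOKIE)
    expected = _sessions.get(sid) if sid else None
    if expected is None:
        return 401, "no valid session"
    submitted = request["form"].get("csrf_token", "")
    # Constant-time comparison; an attacker's page cannot read the expected value.
    if not hmac.compare_digest(submitted.encode(), expected.encode()):
        return 403, "missing or invalid CSRF token"
    return 200, "user modified"


if __name__ == "__main__":
    sid, token = start_session()
    print(session_cookie_header(sid))
    # Legitimate submission from the admin UI: cookie plus matching token.
    print(verify_state_change({"method": "POST", "cookies": {SESSION_COOKIE: sid},
                               "form": {"csrf_token": token, "userId": "42", "role": "admin"}}))
    # Forged cross-site POST: the browser attached the cookie, but no token is available.
    print(verify_state_change({"method": "POST", "cookies": {SESSION_COOKIE: sid},
                               "form": {"userId": "42", "role": "admin"}}))
```

The token check and the cookie attribute are independent layers: the token protects even browsers that ignore SameSite, and SameSite=Strict protects even endpoints that a custom patch missed.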

🧯 If You Can't Patch

  • Implement web application firewall with CSRF protection rules
  • Restrict administrator access to trusted networks only

🔍 How to Verify

Check if Vulnerable:

Check the Silverpeas version: if it is 6.3.1, the system is vulnerable.

Check Version:

Check the Silverpeas administration panel or the application logs for version information.

Verify Fix Applied:

Verify that the Silverpeas version is 6.3.2 or later, then confirm that the userModify functionality rejects a request submitted without the expected anti-CSRF protection.

📡 Detection & Monitoring

Log Indicators:

  • Multiple privilege escalation attempts via userModify endpoint
  • Unusual administrator account modifications

Network Indicators:

  • CSRF attack patterns to userModify endpoint
  • External requests triggering administrative actions

SIEM Query:

source="silverpeas" AND (uri="/userModify" OR action="privilege_escalation")
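Added example, not from the page or the vendor: a small Python detector that applies the log and network indicators above to constructed combined-format access-log lines. It flags requests to the userModify endpoint (path taken from the SIEM query above; the real deployment path may differ) that arrive via GET or with a missing or off-site Referer, then counts repeated hits per administrator/IP pair. The trusted host name and the log lines are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in combined log format; not real Silverpeas logs.
SAMPLE_LOG = """\
10.0.0.5 - admin [12/Nov/2023:10:01:02 +0000] "POST /userModify HTTP/1.1" 200 512 "https://intranet.example.test/admin" "Mozilla/5.0"
10.0.0.5 - admin [12/Nov/2023:10:07:44 +0000] "GET /userModify?userId=7&role=admin HTTP/1.1" 200 310 "https://evil.example.test/promo" "Mozilla/5.0"
10.0.0.5 - admin [12/Nov/2023:10:07:45 +0000] "GET /userModify?userId=8&role=admin HTTP/1.1" 200 310 "-" "Mozilla/5.0"
10.0.0.9 - jdoe [12/Nov/2023:10:09:10 +0000] "GET /home HTTP/1.1" 200 2048 "https://intranet.example.test/" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Hosts that legitimately serve the Silverpeas admin UI (constructed value).
TRUSTED_HOSTS = {"intranet.example.test"}
# Endpoint name taken from the page's SIEM query; the real path may differ.
SENSITIVE_ENDPOINT = "/userModify"


def parse_line(line: str):
    """Return the named fields of one combined-format log line, or None."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def is_cross_site(referer: str) -> bool:
    """True when the Referer is absent or points outside our trusted hosts."""
    if referer in ("", "-"):
        return True  # no Referer: cannot show the request came from our own UI
    return urlsplit(referer).hostname not in TRUSTED_HOSTS


def find_suspicious(log_text: str) -> list:
    """Flag userModify requests that look forged rather than UI-driven."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].split("?", 1)[0]
        if not path.endswith(SENSITIVE_ENDPOINT):
            continue
        reasons = []
        if rec["method"] == "GET":
            reasons.append("state change requested via GET")
        if is_cross_site(rec["referer"]):
            reasons.append("missing or off-site Referer")
        if reasons:
            findings.append({"ip": rec["ip"], "user": rec["user"], "ts": rec["ts"],
                             "path": rec["path"], "reasons": reasons})
    return findings


def repeat_offenders(findings: list, threshold: int = 2) -> dict:
    """Count flagged hits per (ip, user); repeats suggest a lure campaign."""
    counts = Counter((f["ip"], f["user"]) for f in findings)
    return {key: n for key, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    hits = find_suspicious(SAMPLE_LOG)
    for h in hits:
        print(h["ts"], h["user"], h["path"], "; ".join(h["reasons"]))
    print(repeat_offenders(hits))
```

The Referer heuristic has gaps (privacy settings strip the header on some legitimate requests), so treat a single hit as a lead and the repeat count as the alerting signal; the first sample line, a POST from the admin UI, is correctly left alone.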

🔗 References