Miggo Logo

CVE-2013-3300: Lift Sensitive Information Disclosure

4

CVSS Score

Basic Information

EPSS Score
0.39732%
Published
5/17/2022
Updated
8/29/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
net.liftweb:lift-webkitmaven< 2.52.5

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from how the 'near' method constructs error message snippets. The original implementation used (cur + 1) min Segments.segmentSize directly as the length parameter for String creation, which represents an end-index rather than a length value. When combined with memory segment reuse in the JSON parser, this allowed reading beyond valid data boundaries into residual memory. The patch explicitly calculates length as (end_index - start_index), confirming this was the root cause. The added test case validates that error messages no longer contain excessive data from memory buffers.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** JsonP*rs*r *l*ss in json/JsonP*rs*r.s**l* in Li*t ***or* *.* int*rpr*ts * **rt*in *n*-in**x v*lu* *s * l*n*t* v*lu*, w*i** *llows r*mot* *ut**nti**t** us*rs to o*t*in s*nsitiv* in*orm*tion *rom ot**r us*rs' s*ssions vi* inv*li* input **t* *ont*in

Reasoning

T** vuln*r**ility st*ms *rom *ow t** 'n**r' m*t*o* *onstru*ts *rror m*ss*** snipp*ts. T** ori*in*l impl*m*nt*tion us** (*ur + *) min S**m*nts.s**m*ntSiz* *ir**tly *s t** l*n*t* p*r*m*t*r *or Strin* *r**tion, w*i** r*pr*s*nts *n *n*-in**x r*t**r t**n