
CVE-2023-3629: Infinispan REST Server's cache retrieval endpoints do not properly evaluate the necessary admin permissions

CVSS Score: 6.5 (CVSS v3.1)

Basic Information

EPSS Score: 0.28914%
Published: 12/30/2023
Updated: 11/18/2024
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name                          | Ecosystem | Vulnerable Versions             | First Patched Version
org.infinispan:infinispan-server-rest | maven     | >= 15.0.0.Dev01, < 15.0.0.Dev04 | 15.0.0.Dev04
org.infinispan:infinispan-server-rest | maven     | < 14.0.18.Final                 | 14.0.18.Final

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from missing authorization checks in the cache retrieval endpoints. The GitHub commit diff shows: (1) getDetailResponse() originally serialized the full cache configuration into the response without an ADMIN check (evidenced by the authorizationManager logic added in the patch); (2) getCacheConfig() lacked an ADMIN permission check before fetching the configuration (patched with checkPermission(ADMIN)). Both functions directly handle sensitive cache configuration data and match the CWE-304 description of a missing authentication step. The security tests added in RESTAuthorizationTest.java further confirm that these endpoints were accessible to non-admin users.
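As an added illustration of the pattern the patch introduces (this is not Infinispan's code and is not from the page), a cache-configuration handler without the ADMIN check sits beside the same handler with checkPermission(ADMIN) run before any configuration data is serialized. Permission, Subject, AuthorizationManager and CacheConfigResource are hypothetical stand-ins for the server's authorization layer, and the configuration values are constructed.

```java
import java.util.Map;
import java.util.Set;

// Hypothetical stand-ins for the server's authorization layer (not Infinispan's real classes).
enum Permission { READ, WRITE, ADMIN }

final class Subject {
    final String name;
    final Set<Permission> permissions;
    Subject(String name, Set<Permission> permissions) { this.name = name; this.permissions = permissions; }
}

final class AuthorizationManager {
    // Throws when the caller lacks the required permission; this is the kind of check the patch adds.
    void checkPermission(Subject subject, Permission required) {
        if (!subject.permissions.contains(required)) {
            throw new SecurityException(subject.name + " lacks " + required);
        }
    }
}

final class CacheConfigResource {
    private final AuthorizationManager authz = new AuthorizationManager();
    // Constructed sample configuration; real ones can carry store settings that should stay admin-only.
    private final Map<String, String> config = Map.of("mode", "DIST_SYNC", "store", "jdbc://db/<placeholder>");

    // Before: any authenticated caller (for example one holding only READ) gets the full configuration back.
    String getCacheConfigVulnerable(Subject caller) {
        return config.toString();
    }

    // After: the ADMIN check runs first, so a non-admin caller never reaches the serialization step.
    String getCacheConfigFixed(Subject caller) {
        authz.checkPermission(caller, Permission.ADMIN);
        return config.toString();
    }

    public static void main(String[] args) {
        CacheConfigResource resource = new CacheConfigResource();
        Subject reader = new Subject("reader", Set.of(Permission.READ));
        System.out.println("vulnerable: " + resource.getCacheConfigVulnerable(reader)); // configuration leaks
        try {
            resource.getCacheConfigFixed(reader);
        } catch (SecurityException e) {
            System.out.println("fixed: " + e.getMessage()); // reader lacks ADMIN
        }
    }
}
```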


WAF Protection Rules

WAF Rule

A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
