Miggo Logo

CVE-2023-48700: Clear Text Credentials Exposed via Onboarding Task

5.7

CVSS Score
3.1

Basic Information

EPSS Score
0.3628%
Published
11/21/2023
Updated
11/22/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
nautobot-device-onboardingpip>= 2.0.0, < 3.0.03.0.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from credentials being stored in Celery task arguments visible in Job Results. The primary culprits are: 1) The Celery task handler itself (run_onboarding_task), which receives sensitive arguments, and 2) The enqueue method that initiates the task with raw credentials. These functions would directly handle credential arguments without sanitization prior to v3.0.0. The high confidence comes from the advisory's explicit mention of task args exposure and the typical Celery/Nautobot job result storage patterns.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t W**n *r***nti*ls *r* provi*** w*il* *r**tin* *n On*o*r*in*T*sk t**y m*y ** visi*l* vi* t** Jo* R*sults vi*w un**r t** ***ition*l **t* t** *s *r*s *or t** **l*ry T*sk *x**ution. T*is only *ppli*s to On*o*r*in*T*sks t**t *r* *r**t** wit* *r*

Reasoning

T** vuln*r**ility st*ms *rom *r***nti*ls **in* stor** in **l*ry t*sk *r*um*nts visi*l* in Jo* R*sults. T** prim*ry *ulprits *r*: *) T** **l*ry t*sk **n*l*r its*l* (run_on*o*r*in*_t*sk), w*i** r***iv*s s*nsitiv* *r*um*nts, *n* *) T** *nqu*u* m*t*o* t*