Learn about CVE-2023-28633 affecting GLPI software, allowing SSRF in RSS feeds. Impact rated low with mitigation steps provided. Published on 2023-04-05.
This CVE involves GLPI being vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds. The issue affects versions starting from 0.84 and prior to 9.5.13 and 10.0.7.
Understanding CVE-2023-28633
This section will delve into the details of CVE-2023-28633, highlighting the vulnerability, impact, technical aspects, and mitigation steps.
What is CVE-2023-28633?
CVE-2023-28633 pertains to a vulnerability in GLPI, a free asset and IT management software package. The vulnerability allows Blind Server-Side Request Forgery (SSRF) through RSS feeds in versions from 0.84 up to, but not including, 9.5.13 and 10.0.7.
The Impact of CVE-2023-28633
The impact of this CVE is categorized as low severity, with a CVSS base score of 3.5. The confidentiality and integrity impacts are rated low, but if exploited the flaw still lets an attacker make the GLPI server issue requests on their behalf (SSRF).
Technical Details of CVE-2023-28633
In this section, we will explore the technical aspects of CVE-2023-28633, including the vulnerability description, affected systems and versions, and the exploitation mechanism.
Vulnerability Description
The vulnerability in GLPI allows server-side request forgery (SSRF) in RSS feeds. When an invalid RSS feed address is supplied, GLPI's RSS autodiscovery feature is triggered, and that code path does not apply proper URL safety checks before the server fetches the discovered address.
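The defensive point in the description above is that every URL a feed fetcher is about to request, including URLs found through autodiscovery rather than typed by the user, must pass the same safety check. The following is an added example of such a check written for this page; it is not GLPI's own code and does not reproduce the vulnerable code path. It assumes a hypothetical fetcher that only accepts http(s) URLs on ports 80/443 whose hosts resolve exclusively to public addresses, and it uses a constructed lookup table in place of DNS so that it runs offline.

```python
import ipaddress
import socket
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Policy assumed for this example (not from GLPI): plain http(s) on standard ports only.
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


def _resolve_system(host):
    """Resolve a hostname to its set of IP address strings using the OS resolver."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_safe_feed_url(url, resolve=_resolve_system):
    """Return True only if url is an http(s) URL whose host resolves solely to
    globally routable addresses. `resolve` is injectable so the check can be
    exercised offline; it must return a set of address strings or raise gaierror."""
    parts = urlparse(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    # Reject missing hosts and embedded credentials (user:pass@host).
    if not parts.hostname or parts.username or parts.password:
        return False
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if port is not None and port not in ALLOWED_PORTS:
        return False
    try:
        addresses = resolve(parts.hostname)
    except (socket.gaierror, UnicodeError):
        return False
    if not addresses:
        return False
    # is_global is False for loopback, private, link-local, multicast and reserved ranges.
    return all(ipaddress.ip_address(a).is_global for a in addresses)


class _FeedLinkParser(HTMLParser):
    """Collect href values of <link rel="alternate"> tags that advertise RSS/Atom feeds."""

    FEED_TYPES = {"application/rss+xml", "application/atom+xml"}

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        a = {name: (value or "") for name, value in attrs}
        rels = a.get("rel", "").lower().split()
        if "alternate" in rels and a.get("type", "").lower() in self.FEED_TYPES and a.get("href"):
            self.hrefs.append(a["href"])


def discover_feed_urls(page_html, page_url, resolve=_resolve_system):
    """Autodiscover feed links in an HTML page and split them into (allowed, rejected).
    Each discovered link is re-validated: the page author, not the user, chose them."""
    parser = _FeedLinkParser()
    parser.feed(page_html)
    allowed, rejected = [], []
    for href in parser.hrefs:
        candidate = urljoin(page_url, href)
        (allowed if is_safe_feed_url(candidate, resolve) else rejected).append(candidate)
    return allowed, rejected


# Constructed lookup table standing in for DNS (sample data, not real hosts).
SAMPLE_DNS = {
    "news.example.org": {"93.184.216.34"},
    "intranet.example.org": {"10.0.0.5"},
    "linklocal.example.org": {"169.254.0.10"},
    "localhost": {"127.0.0.1", "::1"},
}


def sample_resolve(host):
    """Offline resolver for the example; unknown names fail like a DNS NXDOMAIN."""
    try:
        return SAMPLE_DNS[host]
    except KeyError:
        raise socket.gaierror(host)


# Constructed HTML page advertising several feeds, only one of which is acceptable.
SAMPLE_PAGE = """<html><head>
<link rel="alternate" type="application/rss+xml" href="/feed.xml">
<link rel="alternate" type="application/atom+xml" href="http://intranet.example.org/atom">
<link rel="alternate" type="application/rss+xml" href="http://linklocal.example.org:80/rss">
<link rel="stylesheet" href="http://localhost/style.css">
</head></html>"""

if __name__ == "__main__":
    ok, bad = discover_feed_urls(SAMPLE_PAGE, "https://news.example.org/", sample_resolve)
    print("allowed:", ok)
    print("rejected:", bad)
```

Two caveats a practitioner would add on top of this check: the fetch itself should connect to the address that was validated (otherwise a name that resolves differently a moment later, i.e. DNS rebinding, bypasses the check), and any HTTP redirect the fetcher follows needs to pass `is_safe_feed_url` again before it is requested.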
Affected Systems and Versions
GLPI versions from 0.84 onward that are earlier than 9.5.13 or 10.0.7 are affected by this vulnerability. Versions 9.5.13 and 10.0.7, and later releases, are not impacted.
Exploitation Mechanism
Exploitation involves supplying a crafted RSS feed URL that triggers the autodiscovery path and with it the SSRF flaw, causing the GLPI server to issue requests to addresses of the attacker's choosing. Because the SSRF is blind, the attacker does not receive the response directly, but the flaw can still potentially lead to unauthorized access or information disclosure.
Mitigation and Prevention
This section covers the steps that can be taken to mitigate the risks posed by CVE-2023-28633.
Immediate Steps to Take
Users of GLPI are advised to update to a patched version, specifically 9.5.13 or 10.0.7 (or later), to eliminate the SSRF vulnerability.
Long-Term Security Practices
Implementing secure coding practices, conducting regular security assessments, and staying updated on software patches can help prevent similar vulnerabilities in the future.
Patching and Updates
It is crucial for organizations using GLPI to regularly check for software updates and apply patches promptly to address security vulnerabilities and enhance system security.