
CVE-2023-30429: Exploit Details and Defense Strategies

Discover the critical CVE-2023-30429 affecting Apache Pulsar versions before 2.10.4 and 2.11.0, leading to privilege escalation via incorrect authorization. Learn how to mitigate this vulnerability.

Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy

Understanding CVE-2023-30429

This CVE record details an Incorrect Authorization vulnerability in Apache Pulsar, specifically affecting versions before 2.10.4 and version 2.11.0. The vulnerability arises when a client connects to the Pulsar Function Worker via the Pulsar Proxy, leading to incorrect authorization and potential privilege escalation.

What is CVE-2023-30429?

The CVE-2023-30429 vulnerability in Apache Pulsar occurs when the Pulsar Function Worker incorrectly uses the Proxy's role for authorization instead of the client's role, potentially allowing privilege escalation, especially with a superuser role in the configuration.

The Impact of CVE-2023-30429

The impact of this vulnerability is critical, with a base severity score of 9.6, indicating high confidentiality and integrity impact. This vulnerability does not require user interaction and can be exploited over the network.

Technical Details of CVE-2023-30429

The vulnerability arises due to incorrect authorization in the Pulsar Function Worker, affecting Apache Pulsar versions before 2.10.4 and 2.11.0.

Vulnerability Description

When a client connects to the Pulsar Function Worker via Pulsar Proxy using mTLS authentication, the worker incorrectly performs authorization, potentially leading to privilege escalation.

Affected Systems and Versions

        Versions before 2.10.4
        Version 2.11.0

Exploitation Mechanism

Exploitation of this vulnerability involves connecting to the Pulsar Function Worker through the Pulsar Proxy with a low-privilege client role: because the worker authorizes the request against the Proxy's role rather than the client's, the client inherits the Proxy's privileges, which amounts to full privilege escalation when the Proxy's role is configured as a superuser.
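To make the authorization defect concrete, the following is an added illustrative model (not Apache Pulsar's own code): a function worker behind a proxy sees two identities, the proxy's own mTLS role and the original client's role forwarded by the proxy. `authorize_vulnerable` reproduces the defect described above by deciding on the proxy role; `authorize_fixed` decides on the forwarded client role and denies when no client identity was forwarded. Field names, the role sets and the sample requests are all constructed for this example.

```python
"""Model of the CVE-2023-30429 authorization defect (added example, not
Pulsar code). Shows why authorizing on the intermediary's role instead of
the originating client's role yields privilege escalation when the
intermediary (the proxy) is a superuser."""
from dataclasses import dataclass
from typing import Optional, List


@dataclass(frozen=True)
class Request:
    proxy_role: str                   # role from the proxy's mTLS certificate (assumed name)
    original_principal: Optional[str] # client role forwarded by the proxy; None if absent
    action: str                       # e.g. "functions:create"
    tenant: str


# Constructed configuration: the proxy is listed as a superuser, which is the
# setting the advisory singles out as making the impact worst.
SUPERUSERS = {"proxy-admin"}
TENANT_ADMINS = {"tenant-a": {"alice"}, "tenant-b": {"bob"}}


def allowed(role: str, tenant: str) -> bool:
    """Policy check for a single role: superusers may do anything,
    tenant admins may act within their own tenant."""
    if role in SUPERUSERS:
        return True
    return role in TENANT_ADMINS.get(tenant, set())


def authorize_vulnerable(req: Request) -> bool:
    """Defective behaviour: the worker authorizes the proxy's role, so every
    request relayed by a superuser proxy is allowed regardless of the client."""
    return allowed(req.proxy_role, req.tenant)


def authorize_fixed(req: Request) -> bool:
    """Corrected behaviour: authorize the forwarded client identity, and fail
    closed when the proxy forwarded no client identity at all."""
    if req.original_principal is None:
        return False
    return allowed(req.original_principal, req.tenant)


def escalation_cases(requests: List[Request]) -> List[Request]:
    """Defender's view: requests the defective path allows but the corrected
    path denies are exactly those that gain privilege through the proxy."""
    return [r for r in requests if authorize_vulnerable(r) and not authorize_fixed(r)]


# Constructed sample traffic, all relayed through the superuser proxy.
SAMPLE_REQUESTS = [
    Request("proxy-admin", "alice", "functions:create", "tenant-a"),  # legitimate admin
    Request("proxy-admin", "bob", "functions:create", "tenant-a"),    # bob is not tenant-a admin
    Request("proxy-admin", None, "functions:delete", "tenant-b"),     # no client identity forwarded
]


if __name__ == "__main__":
    for r in SAMPLE_REQUESTS:
        print(r.original_principal, r.tenant,
              "vulnerable:", authorize_vulnerable(r), "fixed:", authorize_fixed(r))
    print("escalations:", len(escalation_cases(SAMPLE_REQUESTS)))
```

The point of `escalation_cases` is that the delta between the two decision functions is the whole vulnerability: any request the worker should have refused on the client's own role but accepted on the proxy's. A worker that denies when the forwarded principal is missing, rather than falling back to the connection's role, closes the same gap.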

Mitigation and Prevention

Impacted users should address CVE-2023-30429 promptly by upgrading the affected Pulsar Function Worker.

Immediate Steps to Take

        Upgrade the Pulsar Function Worker to at least version 2.10.4 for users on the 2.10 series.
        Upgrade the Pulsar Function Worker to at least version 2.11.1 for users on version 2.11.0.

Long-Term Security Practices

Implement strict access controls, regularly update software, and monitor for any unusual activities to prevent unauthorized access.

Patching and Updates

Regularly check for patches and updates from Apache Software Foundation to ensure the latest security fixes are applied.
