Multiple vulnerabilities in strapi
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-23539 CVE-2022-23541 CVE-2022-23540 CVE-2022-23529 |
| CWE-ID | CWE-327 CWE-20 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #4 is available. |
| Vulnerable software |
strapi Web applications / CMS |
| Vendor | strapi.io |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU71180
Risk: Medium
CVSSv4.0: 6.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-23539
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insecure key types are used for signature verification. A remote user can enable legacy keys usage.
MitigationInstall update from vendor's website.
Vulnerable software versionsstrapi: 4.5.0 - 4.5.5
CPE2.3- cpe:2.3:a:strapi.io:strapi:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.2:*:*:*:*:*:*:*
https://github.com/strapi/strapi/releases/tag/v4.5.6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU71181
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-23541
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insecure implementation of key retrieval function. A remote user attacker can cause successful validation of forged tokens.
MitigationInstall update from vendor's website.
Vulnerable software versionsstrapi: 4.5.0 - 4.5.5
CPE2.3- cpe:2.3:a:strapi.io:strapi:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.2:*:*:*:*:*:*:*
https://github.com/strapi/strapi/releases/tag/v4.5.6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU71182
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2022-23540
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insecure default algorithm in jwt.verify(). A remote attacker can cause signature validation bypass.
MitigationInstall update from vendor's website.
Vulnerable software versionsstrapi: 4.5.0 - 4.5.5
CPE2.3- cpe:2.3:a:strapi.io:strapi:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.2:*:*:*:*:*:*:*
https://github.com/strapi/strapi/releases/tag/v4.5.6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Input validation error
EUVDB-ID: #VU71185
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2022-23529
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in jwt.verify function. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsstrapi: 4.5.0 - 4.5.5
CPE2.3- cpe:2.3:a:strapi.io:strapi:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:strapi.io:strapi:4.5.2:*:*:*:*:*:*:*
https://github.com/strapi/strapi/releases/tag/v4.5.6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
