#VU80793 Improper Authorization in Jetty - CVE-2023-41900


| Updated: 2023-10-12

Vulnerability identifier: #VU80793

Vulnerability risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-41900

CWE-ID: CWE-285

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Jetty
Server applications / Web servers

Vendor: Eclipse

Description

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to an error in the revocation process. If a Jetty OpenIdAuthenticator uses the optional nested LoginService, and that LoginService revokes an already authenticated user, the current request still treats the user as authenticated.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Jetty: 9.0.0.v20130308 - 9.4.51.v20230217, 10.0.0 - 11.0.15


External links
https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48
https://github.com/jetty/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
