CVE-2023-36825

Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the `_state` query parameter, which can result in remote code execution. The issue has been addressed in version 14.5.0. Users are advised to upgrade their software to this version or any subsequent versions that include the patch. There are no known workarounds.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/orchidsoftware/platform/releases/tag/14.5.0	Release Notes
https://github.com/orchidsoftware/platform/security/advisories/GHSA-ph6g-p72v-pc3p	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:orchid:platform::::::::
	cpe:2.3:a:orchid:platform:14.0.0:-::::::
	cpe:2.3:a:orchid:platform:14.0.0:alpha4::::::
	cpe:2.3:a:orchid:platform:14.0.0:alpha5::::::
	cpe:2.3:a:orchid:platform:14.0.0:alpha6::::::
	cpe:2.3:a:orchid:platform:14.0.0:alpha7::::::

History

No history.

Information

Published : 2023-07-11 18:15

Updated : 2023-07-20 01:47

NVD link : CVE-2023-36825

Mitre link : CVE-2023-36825

CVE.ORG link : CVE-2023-36825

JSON object : View

Products Affected

orchid

platform

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2023-36825", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.6, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.8}]}, "published": "2023-07-11T18:15:20.417", "references": [{"url": "https://github.com/orchidsoftware/platform/releases/tag/14.5.0", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/orchidsoftware/platform/security/advisories/GHSA-ph6g-p72v-pc3p", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the `_state` query parameter, which can result in remote code execution. The issue has been addressed in version 14.5.0. Users are advised to upgrade their software to this version or any subsequent versions that include the patch. There are no known workarounds."}], "lastModified": "2023-07-20T01:47:19.413", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:orchid:platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF882026-A429-4924-B84E-29DD6A1F9990", "versionEndExcluding": "14.5.0", "versionStartIncluding": "14.0.1"}, {"criteria": "cpe:2.3:a:orchid:platform:14.0.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC8FD5E1-EFAA-4123-A0A3-9EE96719643B"}, {"criteria": "cpe:2.3:a:orchid:platform:14.0.0:alpha4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D9AF0E5-E01D-4032-AF71-6FC428232D26"}, {"criteria": "cpe:2.3:a:orchid:platform:14.0.0:alpha5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2F7B9C-98DC-43A5-8CFF-916CAEB67284"}, {"criteria": "cpe:2.3:a:orchid:platform:14.0.0:alpha6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36C441C1-F1B6-46F7-96B8-F5BB222BCDB7"}, {"criteria": "cpe:2.3:a:orchid:platform:14.0.0:alpha7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDF364F5-A581-481C-9A21-F0FF2ABE6726"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}