Score: 7.5
CWE: 770
CVE-2023-36814: zopefoundation's Products.CMFCore vulnerable to unauthenticated denial of service and crash via unchecked use of input with Python's marshal module

First published: Mon Jul 03 2023 (Updated: )

### Impact

The use of Python's marshal module to handle unchecked input in a public method on `PortalFolder` objects can lead to an unauthenticated denial of service and crash situation. The code in question is exposed by all portal software built on top of `Products.CMFCore`, such as Plone. All deployments are vulnerable.

### Patches

The code has been fixed in `Products.CMFCore` version 3.2.

### Workarounds

Users can make the affected `decodeFolderFilter` method unreachable by editing the `PortalFolder.py` module in `Products.CMFCore` by hand and then restarting Zope. Go to line 233 of `PortalFolder.py` and remove both the `@security.public` decorator for `decodeFolderFilter` as well as the method's entire docstring. This is safe because the method is not actually used by current code.

### References

- Products.CMFCore security advisory [GHSA-4hpj-8rhv-9x87](https://github.com/zopefoundation/Products.CMFCore/security/advisories/GHSA-4hpj-8rhv-9x87)

### Credits

Thanks go to Nicolas VERDIER from onepoint.

### For more information

If you have any questions or comments about this advisory:

- Open an issue in the [Products.CMFCore issue tracker](https://github.com/zopefoundation/Products.CMFCore/issues)
- Email us at [security@plone.org](mailto:security@plone.org)
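To make the mitigation concrete, the following is an added illustration (not Products.CMFCore's own code) of the pattern the advisory describes beside a hardened replacement: the unsafe variant hands a base64-encoded cookie value straight to `marshal.loads`, while the safe variant decodes a data-only format (JSON) and checks it against an explicit schema and size cap. The function names, the `ALLOWED_KEYS` schema and the size cap are assumptions made for this example.

```python
import base64
import json
import marshal

# Assumed cap on the raw cookie string, so oversized input is rejected early.
MAX_ENCODED_LEN = 2048

# Assumed schema for a folder filter: only these keys, only these value types.
ALLOWED_KEYS = {"Type": str, "Title": str}


def encode_folder_filter_unsafe(filt: dict) -> str:
    """Legacy-style encoding: marshal bytes wrapped in base64 (constructed)."""
    return base64.b64encode(marshal.dumps(filt)).decode("ascii")


def decode_folder_filter_unsafe(encoded: str) -> dict:
    """Vulnerable pattern: marshal.loads on bytes an unauthenticated caller controls."""
    if not encoded:
        return {}
    return marshal.loads(base64.b64decode(encoded))


def encode_folder_filter_safe(filt: dict) -> str:
    """Hardened encoding: JSON wrapped in base64."""
    return base64.b64encode(json.dumps(filt).encode("utf-8")).decode("ascii")


def decode_folder_filter_safe(encoded: str) -> dict:
    """Reject anything that is not a small JSON object with known keys and types."""
    if not encoded:
        return {}
    if len(encoded) > MAX_ENCODED_LEN:
        raise ValueError("folder filter cookie too long")
    try:
        raw = base64.b64decode(encoded, validate=True)   # binascii.Error is a ValueError
        data = json.loads(raw.decode("utf-8"))           # UnicodeDecodeError is a ValueError
    except (ValueError, RecursionError) as exc:          # RecursionError: deeply nested JSON
        raise ValueError("malformed folder filter cookie") from exc
    if not isinstance(data, dict):
        raise ValueError("folder filter must be a JSON object")
    for key, value in data.items():
        expected = ALLOWED_KEYS.get(key)
        if expected is None or not isinstance(value, expected):
            raise ValueError(f"unexpected folder filter field: {key!r}")
    return data


def is_valid_folder_filter(encoded: str) -> bool:
    """Convenience wrapper: True only if the hardened decoder accepts the cookie."""
    try:
        decode_folder_filter_safe(encoded)
        return True
    except ValueError:
        return False
```

A marshal-encoded cookie that the legacy decoder happily accepts is rejected by the hardened decoder before any untrusted bytes reach a native deserializer.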

Credit: security-advisories@github.com

| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zope Products.cmfcore | <3.2 | |
| pip/Products.CMFCore | <2.7.1 | 2.7.1 |
| pip/Products.CMFCore | >=3.0, <3.2 | 3.2 |
| | <3.2 | |


Frequently Asked Questions

  • What is the impact of CVE-2023-36814?

    The vulnerability can lead to an unauthenticated denial of service and crash situation.

  • Which software is affected by CVE-2023-36814?

    Products.CMFCore and all portal software built on top of it, such as Plone.

  • How can the vulnerability be exploited?

    By using Python's marshal module to handle unchecked input in a public method on PortalFolder objects.

  • What is the severity of CVE-2023-36814?

    The severity of the vulnerability is high with a severity value of 7.

  • Where can I find more information about CVE-2023-36814?

    You can find more information about CVE-2023-36814 on the following references: [GitHub Commit](https://github.com/zopefoundation/Products.CMFCore/commit/40f03f43a60f28ca9485c8ef429efef729be54e5), [GitHub Security Advisories](https://github.com/zopefoundation/Products.CMFCore/security/advisories/GHSA-4hpj-8rhv-9x87), [NVD Vulnerability Detail](https://nvd.nist.gov/vuln/detail/CVE-2023-36814).
