PT-2023-6099 · Suricata+2
Published 2023-06-14 · Updated 2024-12-11
CVE-2023-35853
CVSS v2.0: 10 (Critical)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Suricata versions prior to 6.0.13
Description
The issue is related to insufficient input validation in the Suricata intrusion detection and prevention system. It may allow a remote attacker to execute arbitrary code. An adversary who controls an external source of Lua rules may be able to execute Lua code. This issue is addressed by disabling Lua unless allow-rules is true in the security lua configuration section.
Recommendations
For Suricata versions prior to 6.0.13, update to version 6.0.13 or later, which addresses the issue by disabling Lua unless allow-rules is true in the security lua configuration section. As a temporary workaround, disable Lua unless it is explicitly needed, and only enable it with allow-rules set to true in the security lua configuration section.
Fix
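The following suricata.yaml fragment is an added example, not text from this advisory or from the Suricata project's own configuration file. It shows the security lua section the advisory refers to, with the hardened setting (Lua rules disabled) beside the weak one (Lua rules allowed). The keys security, lua and allow-rules are the ones named above; the comments describing load-time behaviour reflect how the fixed versions are described and should be checked against the release notes for the version you run.

```yaml
# Added example (not from the advisory): the security.lua section of
# suricata.yaml as used by Suricata 6.0.13 and later. Lua rules are
# disabled unless allow-rules is set to true.
security:
  lua:
    # Hardened, and the default in fixed versions: rules that use the lua
    # keyword are rejected when the ruleset is loaded, so a rule feed from
    # an external source cannot carry executable Lua into the sensor.
    allow-rules: false

    # Weak: re-enables Lua rules. Only set this if every Lua rule comes
    # from a source you author and review yourself; with it enabled, the
    # rule source is effectively trusted with code execution on the sensor.
    # allow-rules: true
```

On an upgraded sensor that genuinely needs Lua rules, keep allow-rules false by default and turn it on only for the deployment where the Lua rules are reviewed in-house; any rule feed pulled from outside should be treated as data, not code.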
RCE
Code Injection
Related Identifiers
Affected Products
Alt Linux
Debian
Suricata