PT-2023-7599 · Collabora · Collabora Online

Ubercomp

Published

2023-11-30

Updated

2023-12-13

CVE-2023-49788

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Collabora Online - Built-in CODE Server (richdocumentscode) versions prior to 23.5.602

Description The issue is related to the Collabora Online - Built-in CODE Server (richdocumentscode) running without chroot sandboxing, making it susceptible to attacks via modified client->server commands. This can allow overwriting files outside the subdirectory provided for the transient session, with access limited to files the server process can access. The bug was fixed in release 23.5.602.

Recommendations For versions prior to 23.5.602, upgrade to release 23.5.602 or later to resolve the issue. There are no known workarounds for this vulnerability.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-501CWE-22

Related Identifiers

BDU:2023-08659

CVE-2023-49788

GHSA-3R69-XVF7-V94J

Affected Products

Collabora Online

PT-2023-7599 · Collabora · Collabora Online

CVE-2023-49788

Weakness Enumeration

Related Identifiers

Affected Products

References · 9