CVE-2023-49565

Name of the Vulnerable Software and Affected Versions cbis manager Podman container (affected versions not specified)

Description The cbis manager Podman container is susceptible to remote command execution through the /api/plugins endpoint. Insufficient validation of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are used directly within the subprocess.Popen Python function without proper validation, enabling a remote attacker to execute arbitrary commands on the underlying system by crafting malicious header values in an HTTP request to the affected endpoint. The web service operates with root privileges within the container, meaning successful exploitation can grant an attacker elevated privileges. Restricting access to the management network with an external firewall can offer partial mitigation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.