CVE-2023-51232
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-07-07

Last updated on: 2025-07-08

Assigner: MITRE

Description
Directory Traversal vulnerability in dagster-webserver Dagster thru 1.5.11 allows remote attackers to obtain sensitive information via crafted request to the /logs endpoint. This may be restricted to certain file names that start with a dot ('.').
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-07
Last Modified
2025-07-08
Generated
2026-05-07
AI Q&A
2025-07-07
EPSS Evaluated
2026-05-05
NVD
CVE-2023-51232
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2023-51232 is a directory traversal vulnerability in the dagster-webserver component of Dagster (up to version 1.5.11). It allows remote attackers to read arbitrary files on the server by sending crafted requests to the /logs HTTP endpoint. The endpoint insufficiently validates file paths, only requiring that filenames contain a dot ('.'), which enables attackers to use path traversal sequences (like '../') to access sensitive files outside the intended logs directory, such as .bash_history or dagster.yaml. [1]


How can this vulnerability impact me? :

This vulnerability can allow remote attackers to obtain sensitive information stored on the server by reading arbitrary files outside the intended logs directory. This could include sensitive configuration files or user data, potentially leading to information disclosure, unauthorized access, or further exploitation of the system. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by attempting to access files outside the intended logs directory via the /logs HTTP endpoint using crafted path traversal requests. For example, using the following cURL command can test if the server is vulnerable by trying to retrieve the .bash_history file: curl -vvv -X GET 'http://localhost:3333/logs/%2e%2e/%2e%2e/%2e%2e/%2e%2e//bash_history' If the server returns the contents of the file, it indicates the vulnerability is present. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation is to upgrade Dagster to version 1.5.11 or later, where the vulnerability is fixed. The fix involves normalizing requested log file paths using os.path.abspath() and validating that the path is within the allowed logs directory, blocking directory traversal attempts. Until you can upgrade, consider restricting access to the /logs endpoint or implementing additional access controls to prevent unauthorized file access. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart