CVE-2023-49565
BaseFortify
Publication date: 2025-09-18
Last updated on: 2025-09-18
Assigner: Nokia
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nokia | container_service | 22.12 |
| nokia | cloudband_infrastructure_software | 22 |
| nokia | container_service | 23.10 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the cbis_manager Podman container where the /api/plugins endpoint improperly sanitizes certain HTTP headers (X-FILENAME, X-PAGE, and X-FIELD). These headers are used directly in a Python subprocess.Popen call without proper validation, allowing a remote attacker to inject and execute arbitrary commands on the underlying system by sending crafted HTTP requests.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can execute arbitrary commands remotely on the affected system with root privileges inside the container. This can lead to full system compromise, unauthorized access, data theft, or disruption of services. Although restricting access to the management network with an external firewall can partially mitigate the risk, the vulnerability still poses a significant security threat.
What immediate steps should I take to mitigate this vulnerability?
Restrict access to the management network with an external firewall to partially mitigate the risk of remote command execution via the vulnerable /api/plugins endpoint.