CVE-2023-23397 check not sufficient - FP #19

Open
LuemmelSec opened this issue Jun 10, 2024 · 1 comment · Fixed by #20

Comments

LuemmelSec commented Jun 10, 2024

The script says that my system is prone to CVE-2023-23397.
Going after the debug log, it says so because it validated that the UNC path is in the wav file!?
If that is true, this is not proof of being vulnerable. For that, you would need to spin up something like Responder, to which the system that received the mail and opened the appointment would actually connect and auth.
Testing this only locally seems to make no sense from my current perspective.
Also my system is up-to-date with all patches applied, so anyways should not be vulnerable.

Cx01N commented Jun 25, 2024

Yeah, it's hard when doing a lot of these scans and trying to keep them lightweight. Maybe it should be Vulnerable with a caveat that you should do a targeted check to confirm it.

@Cx01N Cx01N linked a pull request Jul 28, 2024 that will close this issue