CVE-2023-29195 - Vulnerability Details - OpenCVE

Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linuxfoundation	Vitess

Configuration 1 [-]

cpe:2.3:a:linuxfoundation:vitess:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920
https://github.com/vitessio/vitess/issues/12842
https://github.com/vitessio/vitess/pull/12843
https://github.com/vitessio/vitess/releases/tag/v16.0.2
https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w
https://pkg.go.dev/vitess.io/vitess@v0.16.2

History

Fri, 24 Jan 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-05-11T19:07:39.530Z

Updated: 2025-01-24T21:28:41.799Z

Reserved: 2023-04-03T13:37:18.453Z

Link: CVE-2023-29195

Vulnrichment

Updated: 2024-08-02T14:00:15.882Z

NVD

Status : Modified

Published: 2023-05-11T20:15:09.403

Modified: 2024-11-21T07:56:41.580

Link: CVE-2023-29195

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29195", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-04-03T13:37:18.453Z", "datePublished": "2023-05-11T19:07:39.530Z", "dateUpdated": "2025-01-24T21:28:41.799Z"}, "containers": {"cna": {"title": "Vitess VTAdmin users that can create shards can deny access to other functions", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-703", "lang": "en", "description": "CWE-703: Improper Check or Handling of Exceptional Conditions", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w"}, {"name": "https://github.com/vitessio/vitess/issues/12842", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/issues/12842"}, {"name": "https://github.com/vitessio/vitess/pull/12843", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/pull/12843"}, {"name": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920"}, {"name": "https://github.com/vitessio/vitess/releases/tag/v16.0.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2"}, {"name": "https://pkg.go.dev/vitess.io/vitess@v0.16.2", "tags": ["x_refsource_MISC"], "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2"}], "affected": [{"vendor": "vitessio", "product": "vitess", "versions": [{"version": "< 16.0.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-05-11T19:07:39.530Z"}, "descriptions": [{"lang": "en", "value": "Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server."}], "source": {"advisory": "GHSA-pqj7-jx24-wj7w", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:15.882Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w"}, {"name": "https://github.com/vitessio/vitess/issues/12842", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/issues/12842"}, {"name": "https://github.com/vitessio/vitess/pull/12843", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/pull/12843"}, {"name": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920"}, {"name": "https://github.com/vitessio/vitess/releases/tag/v16.0.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2"}, {"name": "https://pkg.go.dev/vitess.io/vitess@v0.16.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-24T21:28:35.583348Z", "id": "CVE-2023-29195", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-24T21:28:41.799Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-29195", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-04-03T13:37:18.453Z", "datePublished": "2023-05-11T19:07:39.530Z", "dateUpdated": "2025-01-24T21:28:41.799Z"}, "containers": {"cna": {"title": "Vitess VTAdmin users that can create shards can deny access to other functions", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-703", "lang": "en", "description": "CWE-703: Improper Check or Handling of Exceptional Conditions", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w"}, {"name": "https://github.com/vitessio/vitess/issues/12842", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/issues/12842"}, {"name": "https://github.com/vitessio/vitess/pull/12843", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/pull/12843"}, {"name": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920"}, {"name": "https://github.com/vitessio/vitess/releases/tag/v16.0.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2"}, {"name": "https://pkg.go.dev/vitess.io/vitess@v0.16.2", "tags": ["x_refsource_MISC"], "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2"}], "affected": [{"vendor": "vitessio", "product": "vitess", "versions": [{"version": "< 16.0.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-05-11T19:07:39.530Z"}, "descriptions": [{"lang": "en", "value": "Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server."}], "source": {"advisory": "GHSA-pqj7-jx24-wj7w", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:15.882Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w"}, {"name": "https://github.com/vitessio/vitess/issues/12842", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/issues/12842"}, {"name": "https://github.com/vitessio/vitess/pull/12843", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/pull/12843"}, {"name": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920"}, {"name": "https://github.com/vitessio/vitess/releases/tag/v16.0.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2"}, {"name": "https://pkg.go.dev/vitess.io/vitess@v0.16.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-29195", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-24T21:28:35.583348Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-24T21:28:26.998Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:vitess:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DA4AFFF-C602-4288-9D50-AE0D4AEF1E97", "versionEndExcluding": "16.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server."}], "id": "CVE-2023-29195", "lastModified": "2024-11-21T07:56:41.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-11T20:15:09.403", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Issue Tracking", "Patch"], "url": "https://github.com/vitessio/vitess/issues/12842"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/vitessio/vitess/pull/12843"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w"}, {"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch"], "url": "https://github.com/vitessio/vitess/issues/12842"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/vitessio/vitess/pull/12843"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-703"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}