Fluid Attacks Database

Description

In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	suricata	=1:6.0.1-3 \|\| >=0 <1:6.0.1-3+deb11u1	1:6.0.1-3+deb11u1
debian 13	suricata	>=0 <1:6.0.13-1	1:6.0.13-1
debian 14	suricata	>=0 <1:6.0.13-1	1:6.0.13-1

Aliases

1. CVE-2023-358522. NVD-2023-358523. OSV-DEBIAN-2023-358524. OSV-2023-358525. SECURITY-TRACKER-CVE-2023-35852

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.