Prior to this Werk an attacker was able to cause blocking IO in webconf rendering it unresponsive. (Denial of Service)
This vulnerability was identified through a commissioned penetration test conducted by OPTIMAbit (Roman Mueller).
In case updating is not possible, access to webconf can be limited to trusted IPs, e.g. within Apache.
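As an added illustration of this workaround (example configuration, not part of the Werk or of the product), the following Apache 2.4 fragment restricts the webconf interface to trusted networks; the path /webconf/ and the address ranges are placeholders and must be adjusted to the actual installation.

```apache
# Added example, not from the Werk: restrict webconf to trusted source IPs.
# Assumptions: webconf is served under /webconf/ (placeholder path) and the
# trusted administration networks are 10.0.0.0/8 and 192.168.1.0/24 (placeholders).
<Location "/webconf/">
    # Apache 2.4 authorization: several Require directives inside a
    # <Location> are combined as "any of", everything else is denied.
    Require ip 127.0.0.1 ::1
    Require ip 10.0.0.0/8
    Require ip 192.168.1.0/24
</Location>
```

Reload Apache after the change and confirm with a request from an untrusted address that the interface now answers 403.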
Indicators of Compromise:
After a malicious or faulty request, webconf will not be accessible for about 5 minutes.
After these 5 minutes, messages containing "[Errno 32] Broken pipe" can be found in /var/log/syslog.
We have rated the issue with a CVSS score of 7.5 (High) with the following CVSS vector:
We assigned CVE-2023-22318 to this vulnerability.