CVE-2023-41339
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2023-41339 is a vulnerability affecting GeoServer, an open-source Java software for managing and sharing geospatial data. The issue lies in the implementation of dynamic styling using user-supplied URLs in the GetMap, GetLegendGraphic, and GetFeatureInfo operations. Because the URL checks are improper, this vulnerability can lead to Server-Side Request Forgery (SSRF), allowing attackers to steal NetNTLMv2 user hashes. These hashes can be relayed externally or cracked, potentially granting unauthorized access. The vulnerability has been addressed in GeoServer versions 2.22.5 and 2.23.2.
Affected Products
- Osgeo Geoserver
Affected Vendors
- OSGeo