CVE-2023-46131
Denial of Service (DoS) vulnerability in grails-databinding (Maven)


What is CVE-2023-46131 About?

This vulnerability is a Denial of Service (DoS) in Grails framework applications that use Grails data binding. A specially crafted web request can lead to a JVM crash or denial of service by exploiting an issue in the data binding mechanism. Exploitation is relatively straightforward for any attacker who can send requests to the application.

Affected Software

  • org.grails:grails-databinding
    • >6.0.0, <6.1.0
    • >5.0.0, <5.3.4
    • >4.0.0, <4.1.3
    • >2.0.0, <3.3.17

Technical Details

The Denial of Service (DoS) vulnerability exists within the Grails framework's data binding mechanism. When an application uses Grails data binding to process a specially crafted web request, the underlying JVM may crash. This indicates that the data binding process, on encountering malformed or excessively complex input, enters an uncontrolled state, leading either to resource exhaustion (e.g., excessive memory allocation or CPU consumption) or to an unhandled exception that brings down the server. The __proto__-related issues in data binding can trigger unexpected property setting or object manipulation deep within the framework, leaving the JVM unstable or crashed and effectively denying service to legitimate users.

What is the Impact of CVE-2023-46131?

Successful exploitation may allow attackers to cause a JVM crash or denial of service, rendering the Grails application unavailable to legitimate users.

What is the Exploitability of CVE-2023-46131?

Exploitation of this Denial of Service vulnerability is of low complexity. An attacker needs to craft a specific web request that targets the Grails data binding functionality. No authentication or special privileges are required beyond the ability to send web requests to the vulnerable application. This is a remote vulnerability: attackers can trigger it by sending malicious requests over the network. The primary condition is that the application uses Grails data binding to process request data. Risk is higher for applications that accept diverse, untrusted input and pass it directly to data binding without stringent validation or sanitization, since such applications are exposed to malformed inputs designed to trigger resource exhaustion or errors within the JVM.

What are the Known Public Exploits?

PoC / Author / Link / Commentary: none listed (no known public exploits).

What are the Available Fixes for CVE-2023-46131?

A Fix by Resolved Security Exists!

About the Fix from Resolved Security

No description provided.

Available Upgrade Options

  • org.grails:grails-databinding
    • >2.0.0, <3.3.17 → Upgrade to 3.3.17
    • >4.0.0, <4.1.3 → Upgrade to 4.1.3
    • >5.0.0, <5.3.4 → Upgrade to 5.3.4
    • >6.0.0, <6.1.0 → Upgrade to 6.1.0
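As an added helper (not part of this advisory or of the Grails project), the script below checks whether a resolved org.grails:grails-databinding version falls inside one of the affected ranges listed above and reports the fixed version to move to; it scans constructed `mvn dependency:tree` style output and treats the ranges exactly as the advisory states them, exclusive on both ends.

```python
import re
from typing import Optional

# Affected ranges as the advisory lists them: (lower, upper, fixed version),
# exclusive on both ends.
AFFECTED_RANGES = [
    ("2.0.0", "3.3.17", "3.3.17"),
    ("4.0.0", "4.1.3", "4.1.3"),
    ("5.0.0", "5.3.4", "5.3.4"),
    ("6.0.0", "6.1.0", "6.1.0"),
]

# Constructed sample of `mvn dependency:tree` output (not a real build)
SAMPLE_TREE = """
[INFO] +- org.grails:grails-databinding:jar:5.3.2:compile
[INFO] +- org.grails:grails-web:jar:5.3.2:compile
"""

def parse_version(v: str) -> tuple:
    """Turn '5.3.4' or '6.1.0-RC1' into a comparable tuple; a pre-release
    suffix sorts below the corresponding final release."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:[-.]([A-Za-z0-9]+))?", v.strip())
    if not m:
        raise ValueError(f"unrecognised version: {v!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums += (0,) * (3 - len(nums))            # pad so "6.1" == "6.1.0"
    return nums + ((0, m.group(2)) if m.group(2) else (1,))

def fix_for(version: str) -> Optional[str]:
    """Fixed version to upgrade to if `version` is affected, else None."""
    v = parse_version(version)
    for lo, hi, fixed in AFFECTED_RANGES:
        if parse_version(lo) < v < parse_version(hi):
            return fixed
    return None

def audit_dependency_tree(tree_text: str) -> dict:
    """Map every grails-databinding version found in Maven/Gradle tree output
    to the fix it needs (None when not in an affected range)."""
    pattern = r"org\.grails:grails-databinding:(?:jar:)?([\w.\-]+)"
    return {ver: fix_for(ver) for ver in re.findall(pattern, tree_text)}

if __name__ == "__main__":
    for ver, fixed in audit_dependency_tree(SAMPLE_TREE).items():
        print(ver, "->", f"upgrade to {fixed}" if fixed else "not affected")
```

Pre-release builds of a fixed version (e.g. 6.1.0-RC1) are reported as affected because they sort below the fixed release.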


Additional Resources

What are Similar Vulnerabilities to CVE-2023-46131?

Similar Vulnerabilities: CVE-2023-34053, CVE-2022-22965, CVE-2021-44228, CVE-2020-5398, CVE-2019-11269