From 84e81a4d215427b5b9650bfe91d9de03ddf4cbf6 Mon Sep 17 00:00:00 2001
From: Zvonimir Pavlinovic <zpavlinovic@google.com>
Date: Tue, 2 Apr 2024 20:33:45 +0000
Subject: [PATCH] data/reports: add GO-2024-2671.yaml

Aliases: CVE-2023-3300, GHSA-v5fm-hr72-27hx

Fixes golang/vulndb#2671

Change-Id: I4b3a59c837660d4e19d2177d9a77231c3f5e1b79
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/575935
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
---
 data/osv/GO-2024-2671.json     | 142 +++++++++++++++++++++++++++++++++
 data/reports/GO-2024-2671.yaml | 101 +++++++++++++++++++++++
 2 files changed, 243 insertions(+)
 create mode 100644 data/osv/GO-2024-2671.json
 create mode 100644 data/reports/GO-2024-2671.yaml

diff --git a/data/osv/GO-2024-2671.json b/data/osv/GO-2024-2671.json
new file mode 100644
index 00000000..bacca0e9
--- /dev/null
+++ b/data/osv/GO-2024-2671.json
@@ -0,0 +1,142 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2024-2671",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2023-3300",
+    "GHSA-v5fm-hr72-27hx"
+  ],
+  "summary": "CSI plugin names disclosure in github.com/hashicorp/nomad",
+  "details": "A vulnerability was identified in Nomad such that the search HTTP API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. This vulnerability affects Nomad since 0.11.0 and was fixed in 1.4.11 and 1.5.7.",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/hashicorp/nomad",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0.11.0"
+            },
+            {
+              "fixed": "1.4.11"
+            },
+            {
+              "introduced": "1.5.0"
+            },
+            {
+              "fixed": "1.5.7"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {
+        "imports": [
+          {
+            "path": "github.com/hashicorp/nomad/acl",
+            "symbols": [
+              "ACL.AllowVariableSearch"
+            ]
+          },
+          {
+            "path": "github.com/hashicorp/nomad/nomad",
+            "symbols": [
+              "ACL.GetPolicies",
+              "ACL.GetPolicy",
+              "ACL.GetRoleByID",
+              "ACL.GetRoleByName",
+              "ACL.GetRolesByID",
+              "ACL.GetToken",
+              "ACL.GetTokens",
+              "ACL.ListPolicies",
+              "ACL.ListRoles",
+              "ACL.ListTokens",
+              "Alloc.GetAlloc",
+              "Alloc.GetAllocs",
+              "Alloc.GetServiceRegistrations",
+              "Alloc.List",
+              "CSIPlugin.Get",
+              "CSIPlugin.List",
+              "CSIVolume.Get",
+              "CSIVolume.List",
+              "Deployment.Allocations",
+              "Deployment.GetDeployment",
+              "Deployment.List",
+              "Eval.Allocations",
+              "Eval.Count",
+              "Eval.GetEval",
+              "Eval.List",
+              "Job.Allocations",
+              "Job.Deployments",
+              "Job.Dispatch",
+              "Job.Evaluations",
+              "Job.GetJob",
+              "Job.GetJobVersions",
+              "Job.GetServiceRegistrations",
+              "Job.LatestDeployment",
+              "Job.List",
+              "Job.Plan",
+              "Job.ScaleStatus",
+              "Job.Summary",
+              "Keyring.Get",
+              "Keyring.List",
+              "Namespace.GetNamespace",
+              "Namespace.GetNamespaces",
+              "Namespace.ListNamespaces",
+              "NewServer",
+              "NewWorker",
+              "Node.GetAllocs",
+              "Node.GetClientAllocs",
+              "Node.GetNode",
+              "Node.List",
+              "PeriodicDispatch.SetEnabled",
+              "Scaling.GetPolicy",
+              "Scaling.ListPolicies",
+              "Search.FuzzySearch",
+              "Search.PrefixSearch",
+              "Server.Reload",
+              "Server.RunningChildren",
+              "Server.SetSchedulerWorkerConfig",
+              "ServiceRegistration.GetService",
+              "ServiceRegistration.List",
+              "TestACLServer",
+              "TestServer",
+              "TestServerErr",
+              "Variables.List",
+              "Variables.Read",
+              "Worker.Start",
+              "filteredSearchContexts",
+              "getEnterpriseFuzzyResourceIter",
+              "nomadFSM.Apply",
+              "nomadFSM.Restore",
+              "nomadFSM.RestoreWithFilter",
+              "sufficientSearchPerms"
+            ]
+          }
+        ]
+      }
+    }
+  ],
+  "references": [
+    {
+      "type": "FIX",
+      "url": "https://github.com/hashicorp/nomad/commit/a8789d3872bbf1b1f420f28b0f7ad8532a41d5e3"
+    },
+    {
+      "type": "WEB",
+      "url": "https://discuss.hashicorp.com/t/hcsec-2023-22-nomad-search-api-leaks-information-about-csi-plugins/56272"
+    }
+  ],
+  "credits": [
+    {
+      "name": "anonymous4ACL24"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2024-2671"
+  }
+}
\ No newline at end of file
diff --git a/data/reports/GO-2024-2671.yaml b/data/reports/GO-2024-2671.yaml
new file mode 100644
index 00000000..994c7c0b
--- /dev/null
+++ b/data/reports/GO-2024-2671.yaml
@@ -0,0 +1,101 @@
+id: GO-2024-2671
+modules:
+    - module: github.com/hashicorp/nomad
+      versions:
+        - introduced: 0.11.0
+          fixed: 1.4.11
+        - introduced: 1.5.0
+          fixed: 1.5.7
+      vulnerable_at: 1.4.10
+      packages:
+        - package: github.com/hashicorp/nomad/acl
+          symbols:
+            - ACL.AllowVariableSearch
+        - package: github.com/hashicorp/nomad/nomad
+          symbols:
+            - sufficientSearchPerms
+            - filteredSearchContexts
+            - getEnterpriseFuzzyResourceIter
+          derived_symbols:
+            - ACL.GetPolicies
+            - ACL.GetPolicy
+            - ACL.GetRoleByID
+            - ACL.GetRoleByName
+            - ACL.GetRolesByID
+            - ACL.GetToken
+            - ACL.GetTokens
+            - ACL.ListPolicies
+            - ACL.ListRoles
+            - ACL.ListTokens
+            - Alloc.GetAlloc
+            - Alloc.GetAllocs
+            - Alloc.GetServiceRegistrations
+            - Alloc.List
+            - CSIPlugin.Get
+            - CSIPlugin.List
+            - CSIVolume.Get
+            - CSIVolume.List
+            - Deployment.Allocations
+            - Deployment.GetDeployment
+            - Deployment.List
+            - Eval.Allocations
+            - Eval.Count
+            - Eval.GetEval
+            - Eval.List
+            - Job.Allocations
+            - Job.Deployments
+            - Job.Dispatch
+            - Job.Evaluations
+            - Job.GetJob
+            - Job.GetJobVersions
+            - Job.GetServiceRegistrations
+            - Job.LatestDeployment
+            - Job.List
+            - Job.Plan
+            - Job.ScaleStatus
+            - Job.Summary
+            - Keyring.Get
+            - Keyring.List
+            - Namespace.GetNamespace
+            - Namespace.GetNamespaces
+            - Namespace.ListNamespaces
+            - NewServer
+            - NewWorker
+            - Node.GetAllocs
+            - Node.GetClientAllocs
+            - Node.GetNode
+            - Node.List
+            - PeriodicDispatch.SetEnabled
+            - Scaling.GetPolicy
+            - Scaling.ListPolicies
+            - Search.FuzzySearch
+            - Search.PrefixSearch
+            - Server.Reload
+            - Server.RunningChildren
+            - Server.SetSchedulerWorkerConfig
+            - ServiceRegistration.GetService
+            - ServiceRegistration.List
+            - TestACLServer
+            - TestServer
+            - TestServerErr
+            - Variables.List
+            - Variables.Read
+            - Worker.Start
+            - nomadFSM.Apply
+            - nomadFSM.Restore
+            - nomadFSM.RestoreWithFilter
+summary: CSI plugin names disclosure in github.com/hashicorp/nomad
+description: |-
+    A vulnerability was identified in Nomad such that the search HTTP API
+    can reveal names of available CSI plugins to unauthenticated users or
+    users without the plugin:read policy. This vulnerability affects Nomad
+    since 0.11.0 and was fixed in 1.4.11 and 1.5.7.
+cves:
+    - CVE-2023-3300
+ghsas:
+    - GHSA-v5fm-hr72-27hx
+credits:
+    - anonymous4ACL24
+references:
+    - fix: https://github.com/hashicorp/nomad/commit/a8789d3872bbf1b1f420f28b0f7ad8532a41d5e3
+    - web: https://discuss.hashicorp.com/t/hcsec-2023-22-nomad-search-api-leaks-information-about-csi-plugins/56272