Vulnerability Name:

CVE-2023-24538 (CCN-252178)

Assigned:2023-04-05
Published:2023-04-05
Updated:2023-04-17
Summary:Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by the failure to properly consider backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2023-24538

Source: CCN
Type: Red Hat Bugzilla – Bug 2184481
(CVE-2023-24538) - CVE-2023-24538 golang: html/template: backticks not treated as string delimiters

Source: XF
Type: UNKNOWN
golang-cve202324538-code-exec(252178)

Source: CCN
Type: Go GIT Repository
html/template: backticks not treated as string delimiters (CVE-2023-24538) #59234

Source: CCN
Type: GO-2023-1703
html/template

Source: CCN
Type: SNYK-ALPINE317-GO-5417942
Arbitrary Code Injection

Source: CCN
Type: IBM Security Bulletin 6995489 (CICS TX Standard)
Vulnerability in Golang Go could affect IBM CICS TX Standard [CVE-2023-24538]

Source: CCN
Type: IBM Security Bulletin 6995491 (CICS TX Advanced)
Vulnerability in Golang Go could affect IBM CICS TX Advanced [CVE-2023-24538]

Source: CCN
Type: IBM Security Bulletin 6998391 (Cloud Pak for Integration)
Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Go

Source: CCN
Type: IBM Security Bulletin 6998399 (Spectrum Copy Data Management)
Vulnerabilities in Golang Go might affect IBM Spectrum Copy Data Management ( CVE-2023-24536, CVE-2023-24537, CVE-2023-24538)

Source: CCN
Type: IBM Security Bulletin 7004575 (Watson Discovery)
IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Golang Go

Source: CCN
Type: IBM Security Bulletin 7005479 (Cloud Pak for Network Automation)
IBM Cloud Pak for Network Automation 2.4.7 fixes multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7005589 (Spectrum Protect Plus)
Vulnerabilities in Apache Commons, Tomcat, Go, libcurl, OpenSSL, Python, Node.js, and Linux can affect IBM Spectrum Protect Plus.

Source: CCN
Type: IBM Security Bulletin 7005869 (Cloud Pak for Integration)
Operations Dashboard is vulnerable to multiple vulnerabilities in Golang

Source: CCN
Type: IBM Security Bulletin 7008407 (Robotic Process Automation for Cloud Pak)
Multiple operator framework security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Source: CCN
Type: IBM Security Bulletin 7009745 (Cloud Pak for Watson AIOps)
Multiple Vulnerabilities in CloudPak for Watson AIOps

Source: CCN
Type: IBM Security Bulletin 7010325 (Cloud Pak System Software Suite)
Vulnerability in Golang Go affects IBM Cloud Pak System [CVE-2023-24538]

Source: CCN
Type: IBM Security Bulletin 7011697 (Storage Protect Plus Container Agent)
Vulnerabilities in Python, OpenSSH, Golang Go, Minio and Redis may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift

Source: CCN
Type: IBM Security Bulletin 7014403 (Event Streams)
IBM Event Streams is affected by multiple Golang Go vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7015019 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Golang Go [CVE-2023-24538]

Source: CCN
Type: IBM Security Bulletin 7016688 (MQ Operator)
IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from openssl-libs, libssh, libarchive, sqlite and go-toolset

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:golang:go:1.19.7:*:*:*:*:*:*:*
  • OR cpe:/a:golang:go:1.20.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_copy_data_management:2.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:8013
    P
    		go1.19-1.19.9-150000.1.31.1 on GA media (Moderate)
    2023-06-20
    oval:org.opensuse.security:def:8014
    P
    		go1.20-1.20.4-150000.1.11.1 on GA media (Moderate)
    2023-06-20
    BACK
    golang go 1.19.7
    golang go 1.20.2
    ibm spectrum protect plus 10.1.0
    ibm event streams 10.0.0
    ibm spectrum copy data management 2.2.0.0
    ibm cics tx 11.1
    ibm cics tx 11.1
    ibm robotic process automation for cloud pak 21.0.1