CVE-2023-28864

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-28864

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-28864.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-28864

Downstream

UBUNTU-CVE-2023-28864

Published

2023-07-17T20:15:13.343Z

Modified

2025-11-20T12:17:32.080383Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

References

Affected packages

Git / github.com/chef/chef-server

Affected ranges

Type: GIT
Repo: https://github.com/chef/chef-server
Events: Introduced

cd9bb59e4d0e54be910660de513493650c536b0c

Fixed

af0b0acd5c10b53c57678a549c892d8212edcb3f

Affected versions

0.*

0.1.1

0.1.2

0.18.1

0.18.2

0.19.0

0.19.1

0.19.10

0.19.11

0.19.12

0.19.2

0.19.3

0.19.4

0.19.5

0.19.6

0.19.7

0.19.8

0.19.9

0.2.0

0.2.1

0.2.2

0.2.5

0.2.6

0.2.7

0.2.8

0.20.0

0.20.1

0.20.2

0.20.3

0.20.4

0.20.5

0.20.6

0.21.0

0.21.1

0.21.10

0.21.11

0.21.12

0.21.13

0.21.14

0.21.15

0.21.16

0.21.17

0.21.18

0.21.19

0.21.2

0.21.20

0.21.21

0.21.22

0.21.23

0.21.24

0.21.25

0.21.26

0.21.27

0.21.28

0.21.29

0.21.3

0.21.30

0.21.31

0.21.32

0.21.33

0.21.34

0.21.35

0.21.36

0.21.37

0.21.4

0.21.5

0.21.6

0.21.7

0.21.8

0.21.9

0.22.1

0.22.2

0.23.0

0.23.1

0.23.2

0.23.3

0.24.0

0.24.1

0.24.2

0.24.3

0.24.4

0.24.5

0.24.6

0.25.0

0.25.1

0.25.10

0.25.11

0.25.12

0.25.13

0.25.14

0.25.15

0.25.16

0.25.17

0.25.18

0.25.19

0.25.2

0.25.20

0.25.21

0.25.22

0.25.23

0.25.3

0.25.4

0.25.5

0.25.6

0.25.7

0.25.8

0.25.9

0.26.0

0.26.1

0.26.2

0.26.3

0.26.4

0.26.5

0.26.6

0.26.7

0.26.8

0.27.1

0.27.2

0.27.3

0.27.4

0.27.5

0.27.6

0.27.7

0.28.0

0.28.1

0.28.2

0.28.3

0.28.4

0.28.5

0.29.0

0.29.1

0.29.2

0.29.3

0.29.4

0.3.0

0.3.1

0.3.2

0.3.3

0.30.0

0.4.0

0.4.2

0.4.3

0.4.4

0.5.0

1.*

1.0.0

1.0.1

1.0.10

1.0.11

1.0.12

1.0.13

1.0.14

1.0.15

1.0.16

1.0.17

1.0.18

1.0.19

1.0.2

1.0.20

1.0.21

1.0.22

1.0.23

1.0.24

1.0.25

1.0.26

1.0.27

1.0.28

1.0.29

1.0.3

1.0.30

1.0.33

1.0.34

1.0.35

1.0.36

1.0.37

1.0.38

1.0.39

1.0.4

1.0.40

1.0.41

1.0.42

1.0.43

1.0.44

1.0.45

1.0.46

1.0.47

1.0.47.1

1.0.48

1.0.49

1.0.5

1.0.50

1.0.51

1.0.52

1.0.53

1.0.54

1.0.55

1.0.56

1.0.57

1.0.58

1.0.59

1.0.6

1.0.60

1.0.61

1.0.62

1.0.64

1.0.65

1.0.66

1.0.67

1.0.68

1.0.69

1.0.7

1.0.70

1.0.71

1.0.72

1.0.73

1.0.74

1.0.75

1.0.76

1.0.77

1.0.78

1.0.79

1.0.8

1.0.9

1.3.0

1.3.1

1.4.1

1.4.5

1.5.0

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.7.0

1.8.0

1.8.1

1.8.2

1.8.3

12.*

12.0.0

12.0.1

12.0.3

12.0.4

12.0.5

12.0.6

12.0.7

12.0.8

12.1.0

12.1.0-alpha.1

12.1.0-rc.1

12.1.0-rc.2

12.1.0-rc.3

12.1.1

12.1.2

12.10.0

12.11.0

12.11.1

12.12.0

12.13.0

12.14.0

12.15.0

12.15.1

12.15.10

12.15.11

12.15.12

12.15.13

12.15.14

12.15.15

12.15.16

12.15.17

12.15.18

12.15.19

12.15.2

12.15.20

12.15.21

12.15.22

12.15.23

12.15.24

12.15.25

12.15.26

12.15.3

12.15.4

12.15.5

12.15.6

12.15.7

12.15.8

12.15.9

12.16.1

12.16.10

12.16.11

12.16.12

12.16.13

12.16.14

12.16.15

12.16.16

12.16.17

12.16.2

12.16.3

12.16.4

12.16.5

12.16.6

12.16.7

12.16.8

12.16.9

12.17.1

12.17.10

12.17.11

12.17.12

12.17.13

12.17.14

12.17.15

12.17.16

12.17.17

12.17.18

12.17.19

12.17.2

12.17.20

12.17.21

12.17.22

12.17.23

12.17.24

12.17.25

12.17.26

12.17.27

12.17.28

12.17.29

12.17.3

12.17.30

12.17.31

12.17.32

12.17.33

12.17.34

12.17.35

12.17.36

12.17.37

12.17.38

12.17.39

12.17.4

12.17.40

12.17.41

12.17.42

12.17.43

12.17.44

12.17.45

12.17.46

12.17.47

12.17.48

12.17.49

12.17.5

12.17.50

12.17.51

12.17.52

12.17.53

12.17.54

12.17.55

12.17.56

12.17.57

12.17.58

12.17.59

12.17.6

12.17.60

12.17.61

12.17.62

12.17.63

12.17.64

12.17.65

12.17.66

12.17.67

12.17.68

12.17.69

12.17.7

12.17.70

12.17.71

12.17.72

12.17.73

12.17.74

12.17.8

12.17.9

12.18.0

12.18.1

12.18.10

12.18.2

12.18.3

12.18.4

12.18.5

12.18.6

12.18.7

12.18.8

12.18.9

12.19.0

12.19.1

12.19.10

12.19.11

12.19.12

12.19.13

12.19.14

12.19.15

12.19.16

12.19.17

12.19.18

12.19.19

12.19.2

12.19.20

12.19.21

12.19.22

12.19.23

12.19.24

12.19.25

12.19.26

12.19.27

12.19.28

12.19.29

12.19.3

12.19.30

12.19.31

12.19.32

12.19.33

12.19.34

12.19.35

12.19.36

12.19.37

12.19.38

12.19.39

12.19.4

12.19.40

12.19.41

12.19.42

12.19.43

12.19.44

12.19.45

12.19.46

12.19.5

12.19.6

12.19.7

12.19.8

12.19.9

12.2.0

12.3.0

12.3.1

12.4.0

12.4.1

12.5.0

12.6.0

12.7.0

12.8.0

12.9.0

12.9.1

13.*

13.0.0

13.0.1

13.0.10

13.0.11

13.0.12

13.0.13

13.0.14

13.0.15

13.0.16

13.0.17

13.0.18

13.0.19

13.0.2

13.0.20

13.0.21

13.0.22

13.0.23

13.0.24

13.0.25

13.0.26

13.0.27

13.0.28

13.0.29

13.0.3

13.0.30

13.0.31

13.0.32

13.0.33

13.0.34

13.0.35

13.0.36

13.0.37

13.0.38

13.0.39

13.0.4

13.0.40

13.0.41

13.0.42

13.0.43

13.0.44

13.0.45

13.0.46

13.0.47

13.0.48

13.0.49

13.0.5

13.0.50

13.0.51

13.0.52

13.0.53

13.0.54

13.0.55

13.0.56

13.0.57

13.0.58

13.0.59

13.0.6

13.0.60

13.0.61

13.0.62

13.0.63

13.0.64

13.0.65

13.0.66

13.0.67

13.0.68

13.0.69

13.0.7

13.0.70

13.0.71

13.0.72

13.0.73

13.0.74

13.0.75

13.0.8

13.0.9

13.1.0

13.1.1

13.1.10

13.1.11

13.1.12

13.1.13

13.1.14

13.1.15

13.1.16

13.1.17

13.1.18

13.1.19

13.1.2

13.1.20

13.1.21

13.1.22

13.1.23

13.1.24

13.1.25

13.1.26

13.1.27

13.1.28

13.1.29

13.1.3

13.1.30

13.1.31

13.1.32

13.1.33

13.1.34

13.1.35

13.1.36

13.1.37

13.1.38

13.1.39

13.1.4

13.1.40

13.1.41

13.1.42

13.1.43

13.1.44

13.1.45

13.1.46

13.1.47

13.1.48

13.1.49

13.1.5

13.1.50

13.1.51

13.1.52

13.1.53

13.1.54

13.1.55

13.1.56

13.1.57

13.1.58

13.1.59

13.1.6

13.1.60

13.1.61

13.1.62

13.1.63

13.1.64

13.1.65

13.1.66

13.1.67

13.1.68

13.1.69

13.1.7

13.1.70

13.1.71

13.1.8

13.1.9

13.2.0

13.2.1

13.2.10

13.2.11

13.2.12

13.2.13

13.2.14

13.2.15

13.2.16

13.2.17

13.2.18

13.2.19

13.2.2

13.2.20

13.2.21

13.2.22

13.2.23

13.2.24

13.2.25

13.2.26

13.2.27

13.2.28

13.2.29

13.2.3

13.2.30

13.2.31

13.2.32

13.2.33

13.2.34

13.2.35

13.2.36

13.2.37

13.2.38

13.2.39

13.2.4

13.2.40

13.2.41

13.2.42

13.2.43

13.2.44

13.2.45

13.2.46

13.2.47

13.2.48

13.2.49

13.2.5

13.2.6

13.2.7

13.2.8

13.2.9

14.*

14.0.0

14.0.1

14.0.10

14.0.11

14.0.12

14.0.13

14.0.14

14.0.15

14.0.16

14.0.17

14.0.18

14.0.19

14.0.2

14.0.20

14.0.21

14.0.22

14.0.23

14.0.24

14.0.25

14.0.26

14.0.27

14.0.28

14.0.29

14.0.3

14.0.30

14.0.31

14.0.32

14.0.33

14.0.34

14.0.35

14.0.36

14.0.37

14.0.38

14.0.39

14.0.4

14.0.40

14.0.41

14.0.42

14.0.43

14.0.44

14.0.45

14.0.46

14.0.47

14.0.48

14.0.49

14.0.5

14.0.50

14.0.51

14.0.52

14.0.53

14.0.54

14.0.55

14.0.56

14.0.57

14.0.58

14.0.59

14.0.6

14.0.60

14.0.61

14.0.62

14.0.63

14.0.64

14.0.65

14.0.66

14.0.67

14.0.68

14.0.69

14.0.7

14.0.70

14.0.71

14.0.72

14.0.73

14.0.74

14.0.75

14.0.76

14.0.77

14.0.78

14.0.79

14.0.8

14.0.80

14.0.81

14.0.82

14.0.83

14.0.84

14.0.85

14.0.86

14.0.87

14.0.88

14.0.89

14.0.9

14.0.90

14.0.91

14.0.92

14.0.93

14.0.94

14.0.95

14.0.96

14.0.97

14.0.98

14.0.99

14.1.0

14.1.1

14.1.10

14.1.11

14.1.12

14.1.13

14.1.14

14.1.15

14.1.16

14.1.17

14.1.18

14.1.19

14.1.2

14.1.20

14.1.21

14.1.22

14.1.23

14.1.24

14.1.25

14.1.26

14.1.27

14.1.28

14.1.29

14.1.3

14.1.30

14.1.4

14.1.5

14.1.6

14.1.7

14.1.8

14.1.9

14.10.0

14.10.1

14.10.10

14.10.11

14.10.12

14.10.13

14.10.14

14.10.15

14.10.16

14.10.17

14.10.18

14.10.19

14.10.2

14.10.20

14.10.21

14.10.22

14.10.23

14.10.24

14.10.25

14.10.26

14.10.27

14.10.28

14.10.29

14.10.3

14.10.30

14.10.31

14.10.32

14.10.33

14.10.34

14.10.35

14.10.36

14.10.37

14.10.38

14.10.39

14.10.4

14.10.40

14.10.41

14.10.42

14.10.43

14.10.44

14.10.45

14.10.46

14.10.47

14.10.48

14.10.49

14.10.5

14.10.50

14.10.6

14.10.7

14.10.8

14.11.0

14.11.1

14.11.10

14.11.11

14.11.12

14.11.13

14.11.14

14.11.15

14.11.16

14.11.17

14.11.18

14.11.19

14.11.2

14.11.20

14.11.21

14.11.22

14.11.23

14.11.24

14.11.25

14.11.26

14.11.27

14.11.28

14.11.29

14.11.3

14.11.30

14.11.31

14.11.32

14.11.33

14.11.34

14.11.35

14.11.36

14.11.37

14.11.38

14.11.39

14.11.4

14.11.40

14.11.41

14.11.42

14.11.43

14.11.5

14.11.6

14.11.7

14.11.8

14.11.9

14.12.0

14.12.1

14.12.10

14.12.11

14.12.12

14.12.13

14.12.14

14.12.15

14.12.16

14.12.17

14.12.18

14.12.19

14.12.2

14.12.20

14.12.21

14.12.22

14.12.23

14.12.24

14.12.25

14.12.26

14.12.27

14.12.28

14.12.29

14.12.3

14.12.30

14.12.31

14.12.32

14.12.33

14.12.34

14.12.35

14.12.4

14.12.5

14.12.6

14.12.7

14.12.8

14.12.9

14.13.0

14.13.1

14.13.10

14.13.11

14.13.12

14.13.13

14.13.14

14.13.15

14.13.16

14.13.17

14.13.18

14.13.19

14.13.2

14.13.20

14.13.21

14.13.22

14.13.23

14.13.24

14.13.25

14.13.26

14.13.27

14.13.28

14.13.29

14.13.3

14.13.30

14.13.31

14.13.32

14.13.33

14.13.34

14.13.35

14.13.36

14.13.37

14.13.38

14.13.39

14.13.4

14.13.40

14.13.41

14.13.42

14.13.43

14.13.44

14.13.45

14.13.46

14.13.47

14.13.48

14.13.49

14.13.5

14.13.50

14.13.51

14.13.52

14.13.53

14.13.54

14.13.55

14.13.56

14.13.57

14.13.58

14.13.59

14.13.6

14.13.60

14.13.61

14.13.62

14.13.63

14.13.64

14.13.65

14.13.66

14.13.67

14.13.68

14.13.69

14.13.7

14.13.8

14.13.9

14.14.0

14.14.1

14.14.10

14.14.2

14.14.3

14.14.4

14.14.5

14.14.6

14.14.7

14.14.8

14.14.9

14.15.0

14.15.1

14.15.10

14.15.11

14.15.12

14.15.13

14.15.14

14.15.15

14.15.16

14.15.17

14.15.18

14.15.19

14.15.2

14.15.20

14.15.21

14.15.22

14.15.23

14.15.24

14.15.25

14.15.3

14.15.4

14.15.5

14.15.6

14.15.7

14.15.8

14.15.9

14.16.0

14.16.1

14.16.10

14.16.11

14.16.12

14.16.13

14.16.14

14.16.15

14.16.16

14.16.17

14.16.18

14.16.19

14.16.2

14.16.20

14.16.21

14.16.22

14.16.23

14.16.24

14.16.25

14.16.26

14.16.3

14.16.4

14.16.5

14.16.6

14.16.8

14.16.9

14.2.0

14.2.1

14.2.10

14.2.11

14.2.12

14.2.13

14.2.14

14.2.15

14.2.16

14.2.17

14.2.18

14.2.19

14.2.2

14.2.20

14.2.21

14.2.22

14.2.23

14.2.24

14.2.25

14.2.3

14.2.4

14.2.5

14.2.6

14.2.7

14.2.8

14.2.9

14.3.0

14.3.1

14.3.10

14.3.11

14.3.12

14.3.13

14.3.14

14.3.15

14.3.16

14.3.17

14.3.18

14.3.19

14.3.2

14.3.20

14.3.21

14.3.22

14.3.23

14.3.24

14.3.25

14.3.26

14.3.27

14.3.28

14.3.29

14.3.3

14.3.4

14.3.5

14.3.6

14.3.7

14.3.8

14.3.9

14.4.0

14.4.1

14.4.2

14.4.3

14.4.4

14.4.5

14.4.6

14.4.7

14.5.0

14.5.1

14.5.10

14.5.11

14.5.12

14.5.13

14.5.14

14.5.15

14.5.16

14.5.17

14.5.18

14.5.19

14.5.2

14.5.20

14.5.21

14.5.22

14.5.23

14.5.24

14.5.25

14.5.26

14.5.27

14.5.28

14.5.29

14.5.3

14.5.30

14.5.31

14.5.32

14.5.33

14.5.4

14.5.5

14.5.6

14.5.7

14.5.8

14.5.9

14.6.0

14.6.1

14.6.10

14.6.11

14.6.12

14.6.13

14.6.14

14.6.15

14.6.16

14.6.17

14.6.18

14.6.19

14.6.2

14.6.20

14.6.21

14.6.22

14.6.23

14.6.24

14.6.25

14.6.26

14.6.27

14.6.28

14.6.29

14.6.3

14.6.30

14.6.31

14.6.32

14.6.33

14.6.34

14.6.35

14.6.36

14.6.37

14.6.38

14.6.4

14.6.5

14.6.6

14.6.7

14.6.8

14.6.9

14.7.0

14.7.1

14.7.10

14.7.11

14.7.12

14.7.13

14.7.14

14.7.15

14.7.16

14.7.17

14.7.18

14.7.19

14.7.2

14.7.20

14.7.21

14.7.22

14.7.23

14.7.24

14.7.25

14.7.26

14.7.27

14.7.28

14.7.29

14.7.3

14.7.30

14.7.31

14.7.32

14.7.4

14.7.5

14.7.6

14.7.7

14.7.8

14.7.9

14.8.0

14.8.1

14.8.10

14.8.11

14.8.12

14.8.13

14.8.14

14.8.15

14.8.16

14.8.17

14.8.18

14.8.19

14.8.2

14.8.3

14.8.4

14.8.5

14.8.6

14.8.7

14.8.8

14.8.9

14.9.0

14.9.1

14.9.10

14.9.11

14.9.12

14.9.13

14.9.14

14.9.15

14.9.16

14.9.17

14.9.18

14.9.19

14.9.2

14.9.20

14.9.21

14.9.22

14.9.23

14.9.24

14.9.25

14.9.26

14.9.27

14.9.28

14.9.29

14.9.3

14.9.30

14.9.31

14.9.4

14.9.5

14.9.6

14.9.7

14.9.8

14.9.9

15.*

15.0.0

15.0.1

15.0.10

15.0.11

15.0.12

15.0.13

15.0.14

15.0.15

15.0.16

15.0.17

15.0.18

15.0.19

15.0.2

15.0.20

15.0.21

15.0.22

15.0.23

15.0.24

15.0.25

15.0.26

15.0.27

15.0.28

15.0.29

15.0.3

15.0.30

15.0.31

15.0.32

15.0.33

15.0.34

15.0.35

15.0.4

15.0.5

15.0.6

15.0.7

15.0.8

15.0.9

15.1.0

15.1.1

15.1.10

15.1.11

15.1.12

15.1.13

15.1.14

15.1.15

15.1.16

15.1.17

15.1.18

15.1.19

15.1.2

15.1.20

15.1.21

15.1.22

15.1.23

15.1.24

15.1.25

15.1.26

15.1.27

15.1.28

15.1.29

15.1.3

15.1.30

15.1.31

15.1.32

15.1.33

15.1.4

15.1.5

15.1.6

15.1.7

15.1.8

15.1.9

15.2.0

15.2.1

15.2.10

15.2.2

15.2.3

15.2.4

15.2.5

15.2.6

15.2.7

15.2.8

15.2.9

15.3.0

15.3.1

15.3.10

15.3.11

15.3.12

15.3.13

15.3.14

15.3.15

15.3.16

15.3.17

15.3.18

15.3.19

15.3.2

15.3.20

15.3.21

15.3.22

15.3.23

15.3.24

15.3.25

15.3.26

15.3.27

15.3.3

15.3.4

15.3.5

15.3.6

15.3.7

15.3.8

15.3.9

15.4.0

15.4.1

15.4.2

15.4.3

15.4.4

15.5.0

15.5.1

15.5.2

15.5.3

15.5.4

15.6.0

15.6.1

15.6.10

15.6.11

15.6.12

15.6.2

15.6.3

15.6.4

15.6.5

15.6.6

15.6.7

15.6.8

15.6.9

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.1.0

2.1.1

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.2.0

2.2.1

2.2.10

2.2.11

2.2.12

2.2.13

2.2.14

2.2.15

2.2.16

2.2.17

2.2.19

2.2.2

2.2.20

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

Other

beta-1

hab-pkg-bookshelf

hab-pkg-chef-server-nginx

hab-pkg-oc_erchef

hab-pkg-openresty-noroot

request-logger

dev-1.*

dev-1.0.0

dev-1.0.2

dev-1.0.3

dev-1.0.4

dev-1.0.5

ned-1.*

ned-1.0

rel-0.*

rel-0.1.0

rel-0.18.0

rel-1.*

rel-1.0.0

rel-1.0.1

rel-1.0.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-28864.json"