CVE-2023-43795 — AI Deep Analysis Summary

🚨 **Essence**: SSRF in GeoServer's WPS service. 📉 **Consequences**: Attackers can forge server-side requests, potentially accessing internal networks or sensitive data. It compromises integrity and confidentiality.

🛡️ **Root Cause**: CWE-918 (Server-Side Request Forgery). The OGC Web Processing Service (WPS) allows GET/POST requests that can be manipulated to target internal resources.

📦 **Affected**: GeoServer versions **< 2.22.5** (2.22.x series) AND **< 2.23.2** (2.23.x series). Java-based open-source geospatial server.

💀 **Attacker Capabilities**: High Confidentiality impact (C:H). Can read internal data. Moderate Integrity (I:L) and Availability (A:L) risks. Can leverage the server to access restricted internal endpoints.

⚡ **Threshold**: LOW. CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U. No authentication (PR:N) or user interaction (UI:N) required. Network accessible (AV:N). Easy to exploit.

🔍 **Public Exp?**: Yes. Proof of Concept (PoC) available via ProjectDiscovery Nuclei templates. Wild exploitation is likely given the low barrier to entry.

🔎 **Self-Check**: Scan for GeoServer WPS endpoints. Use Nuclei templates targeting CVE-2023-43795. Check if the server version is below the patched thresholds.

✅ **Fixed**: Yes. Official patches released in **GeoServer 2.22.5** and **2.23.2**. Refer to GitHub Security Advisory GHSA-5pr3-m5hm-9956.

🚧 **No Patch?**: Isolate the WPS service. Restrict network access to internal resources. Implement WAF rules to block suspicious outbound requests from the WPS endpoint.

🔥 **Urgency**: HIGH. Critical severity (C:H), no auth needed, public PoC exists. Immediate patching or mitigation is strongly recommended.