# CVE-2023-3128
To check if a domain is vulnerable to CVE-2023-3128, which involves an authentication bypass in Grafana due to Azure AD email claim validation, you can use the following Python script:
-------------------
#!/usr/bin/env python3
import requests
import argparse
def check_cve_2023_3128(target_url, verbose=False):
"""Check for CVE-2023-3128 vulnerability"""
session = requests.Session()
# Step 1: Verify Azure AD SSO configuration
try:
response = session.get(
f"{target_url}/login",
allow_redirects=False,
timeout=10
)
azure_ad_configured = any(
"azuread" in location.lower()
for location in response.headers.get('Location', '')
)
if verbose:
print(f"[*] Azure AD SSO configured: {azure_ad_configured}")
except requests.RequestException as e:
if verbose:
print(f"[!] Connection error: {str(e)}")
return False
# Step 2: Attempt authentication bypass (spoofing)
# Note: This requires creating an Azure AD account with the same email as a target Grafana user.
# This step is not automated due to ethical and legal considerations.
if azure_ad_configured:
if verbose:
print("[*] Azure AD SSO is enabled. Vulnerability may be exploitable via email spoofing.")
return True
else:
if verbose:
print("[-] Azure AD SSO not detected or not vulnerable.")
return False
def main():
parser = argparse.ArgumentParser(description='CVE-2023-3128 Scanner')
parser.add_argument('url', help='Target URL (e.g., https://example.com)')
parser.add_argument('-v', '--verbose', action='store_true', help='Enable verbose output')
args = parser.parse_args()
if check_cve_2023_3128(args.url, verbose=args.verbose):
print(f"\nTarget {args.url} may be vulnerable to CVE-2023-3128.")
print("Recommendation: Update Grafana to version ≥9.5.5 and ensure Azure AD OAuth is properly configured.")
else:
print(f"\nTarget {args.url} does not appear to be vulnerable to CVE-2023-3128.")
if __name__ == "__main__":
main()
[4.0K] /data/pocs/600f727b2f4d9a6210465b8f312654cb43bae8c0
└── [2.2K] README.md
0 directories, 1 file