Cyber Resilience

CVE-2023-38976

High · Public PoC

Published: 21 August 2023
Modified: 21 November 2024
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0874 (92.7th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-38976 is a high-severity Reachable Assertion (CWE-617) vulnerability in Weaviate. Its CVSS base score is 7.5 (High).

Operationally, it ranks in the top 7.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

Weaviate version 1.20.0 contains a reachable assertion flaw (CWE-617) in the handleUnbatchedGraphQLRequest function that can be triggered by network callers. The issue produces a denial-of-service condition with no authentication or user interaction required, corresponding to a CVSS 3.1 base score of 7.5.

An unauthenticated remote attacker can submit specially crafted GraphQL requests that reach the failing assertion, causing the server process to terminate and interrupting availability for legitimate users. The attack requires only network access and does not affect confidentiality or integrity.

Public references point to a detailed analysis at aisec.today and the upstream GitHub issue 3258, but no specific patch version, configuration workaround, or mitigation guidance is stated in the supplied references. The associated EPSS score has remained low, with a current value of 0.0874 and a peak of 0.0909.

Vulnerability details

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.

CWE(s)

CWE-617 (Reachable Assertion)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: weaviate
Product: weaviate
Version: 1.20.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
