Cyber Resilience

CVE-2024-23055

Severity: Medium · Public PoC available

Published: 25 January 2024

Modified: 17 June 2025
CVSS v3.1 score: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
EPSS score: 0.0537 (90.3th percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-23055 is a medium-severity vulnerability of unspecified weakness type in Plone's Plone Docker Official Image. Its CVSS base score is 6.1 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 9.7% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

Deeper analysis

CVE-2024-23055 affects the Plone Docker Official Image version 5.2.13 (5221). The vulnerability stems from improper validation of input supplied in the HTTP Host header, enabling remote code execution against the affected containerized deployment of the open-source Plone content-management system.

An unauthenticated remote attacker can trigger the flaw over the network with low attack complexity and no required privileges, provided a user interacts with a crafted request. Successful exploitation yields limited impact on confidentiality and integrity within a changed security scope, while availability remains unaffected.

The supplied references point to the vendor domains plone.com and ploneorg.com, along with a public repository containing exploit details, but contain no explicit statement on patches, workarounds, or configuration changes. The associated EPSS score has remained flat at 0.0537, with no observed upward trajectory after disclosure.

Vulnerability details

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers.

CWE(s): none specified

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

CVE-2024-23055 enables remote code execution in the public-facing Plone CMS Docker image via improper HOST header validation, directly facilitating exploitation of public-facing applications.

Affected Assets

Vendor: plone
Product: plone docker official image
Version: 5.2.13

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
