CVE-2023-23934 in Werkzeug
Summary
by MITRE • 02/14/2023
Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 09/11/2025
The vulnerability identified as CVE-2023-23934 affects Werkzeug, a widely-used WSGI web application library that serves as the foundation for many python web frameworks including flask. This security flaw stems from an improper cookie parsing mechanism that creates a cross-subdomain cookie manipulation attack vector. The vulnerability specifically exploits how browsers handle "nameless" cookies that appear as `=value` rather than the standard `key=value` format. When a compromised or malicious subdomain sets such a cookie using a vulnerable browser, the cookie appears to lack a proper key name but still contains a value that can be processed by the application. The issue manifests when Werkzeug versions prior to 2.2.3 parse cookies with the format `=__Host-test=bad` and incorrectly interpret the cookie as `__Host-test=bad` while stripping the initial equals sign from what should be a malformed cookie structure. This parsing error creates a situation where applications can be tricked into processing what appears to be a valid cookie key but actually represents malicious data that bypasses normal security checks.
The technical exploitation of this vulnerability occurs in environments where multiple subdomains are hosted on the same domain and share cookie domains. When a vulnerable browser encounters a cookie like `=__Host-test=bad` from an adjacent subdomain, the Werkzeug library's cookie parser incorrectly processes the malformed cookie by removing the leading equals sign and treating the remainder as a legitimate cookie key. This creates a scenario where security mechanisms that rely on proper cookie parsing can be bypassed, potentially allowing attackers to manipulate session data or authentication tokens. The vulnerability is particularly dangerous because it leverages the browser's handling of malformed cookies rather than directly exploiting application code, making it harder to detect and prevent. This type of vulnerability falls under CWE-200, which covers information exposure, and represents a form of cookie manipulation that can lead to session hijacking or privilege escalation attacks. The attack vector specifically aligns with techniques described in the ATT&CK framework under T1548.005 for hijacking authentication tokens and T1566.002 for credential access through web applications.
The operational impact of this vulnerability extends beyond simple cookie parsing errors and can potentially compromise entire web applications that rely on Werkzeug for session management and authentication handling. Applications using affected Werkzeug versions become vulnerable to cross-subdomain cookie manipulation attacks where malicious actors can exploit the parsing inconsistency to inject malicious data into cookie processing pipelines. This could result in session fixation scenarios, where attackers manipulate session identifiers to gain unauthorized access to user accounts. The vulnerability is particularly concerning in multi-tenant environments or applications where different subdomains handle different security contexts, as it allows for lateral movement between these security boundaries. Organizations running web applications built on Flask or other frameworks that depend on Werkzeug are at risk, especially when these applications are deployed in shared hosting environments or when subdomains are not properly isolated. The fix implemented in Werkzeug 2.2.3 involves enhancing the cookie parsing logic to properly handle malformed cookies and prevent the stripping of leading equals signs that could be exploited for malicious purposes. Security teams should prioritize updating their Werkzeug dependencies to version 2.2.3 or later to prevent potential exploitation of this vulnerability and ensure proper cookie handling across all web applications that rely on this library.