Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-0574

Опубликовано: 09 фев. 2023
Источник: nvd
CVSS3: 6.8
CVSS3: 9.8
EPSS Низкий

Описание

Server-Side Request Forgery (SSRF), Improperly Controlled Modification of Dynamically-Determined Object Attributes, Improper Restriction of Excessive Authentication Attempts vulnerability in YugaByte, Inc. Yugabyte Managed allows Accessing Functionality Not Properly Constrained by ACLs, Communication Channel Manipulation, Authentication Abuse.This issue affects Yugabyte Managed: from 2.0.0.0 through 2.13.0.0

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:yugabyte:yugabytedb_managed:*:*:*:*:*:*:*:*
Версия от 2.0 (включая) до 2.13 (включая)

EPSS

Процентиль: 26%
0.0009
Низкий

6.8 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-307
NVD-CWE-noinfo

Связанные уязвимости

debian логотип

CVE-2023-0574

CVSS3: 6.8
debian
почти 3 года назад

Server-Side Request Forgery (SSRF), Improperly Controlled Modification ...

github логотип

GHSA-pvq4-73cw-rg9h

CVSS3: 9.8
github
почти 3 года назад

Server-Side Request Forgery (SSRF), Improperly Controlled Modification of Dynamically-Determined Object Attributes, Improper Restriction of Excessive Authentication Attempts vulnerability in YugaByte, Inc. Yugabyte Managed allows Accessing Functionality Not Properly Constrained by ACLs, Communication Channel Manipulation, Authentication Abuse.This issue affects Yugabyte Managed: from 2.0 through 2.13.

EPSS

Процентиль: 26%
0.0009
Низкий

6.8 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-307
NVD-CWE-noinfo