CVE-2023-1784

Опубликовано: 31 мар. 2023

Источник: nvd

CVSS3: 5.3

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

A vulnerability was found in jeecg-boot 3.5.0 and classified as critical. This issue affects some unknown processing of the component API Documentation. The manipulation leads to improper authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224699.

Ссылки

https://note.youdao.com/ynoteshare/index.html?id=7eb8fc804ea3544d8add43749a09173e
Broken Link
https://vuldb.com/?ctiid.224699
Permissions Required
Third Party Advisory
https://vuldb.com/?id.224699
Third Party Advisory
https://note.youdao.com/ynoteshare/index.html?id=7eb8fc804ea3544d8add43749a09173e
Broken Link
https://vuldb.com/?ctiid.224699
Permissions Required
Third Party Advisory
https://vuldb.com/?id.224699
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jeecg:jeecg_boot:3.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00131

Низкий

5.3 Medium

CVSS3

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-6rfv-h5v8-cj7g

CVSS3: 9.8

github

почти 3 года назад

jeecg-boot vulnerable to improper authentication

EPSS

Процентиль: 33%

0.00131

Низкий

5.3 Medium

CVSS3

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287