exploitDog

CVE-2023-24842

Опубликовано: 27 мар. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL.

Ссылки

https://www.twcert.org.tw/tw/cp-132-6961-12444-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-6961-12444-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hgiga:oaklouds_mailsherlock:4.5:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00197

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-775x-85h4-43cp

CVSS3: 5.3

github

больше 2 лет назад

HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerability to access partial content of another user’s mail by changing user ID and mail ID within URL.

EPSS

Процентиль: 42%

0.00197

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639