exploitDog

CVE-2023-2541

Опубликовано: 07 июн. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to access internals about the application such as versions, host names, or IP addresses. No personal information or application data was exposed.

Ссылки

https://www.knime.com/security/advisories#CVE-2023-2541
Vendor Advisory
https://zigrin.com/advisories/knime-business-hub-sensitive-information-disclosure/
Third Party Advisory
https://www.knime.com/security/advisories#CVE-2023-2541
Vendor Advisory
https://zigrin.com/advisories/knime-business-hub-sensitive-information-disclosure/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*

Версия до 1.4.0 (исключая)

EPSS

Процентиль: 56%

0.00334

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-497

NVD-CWE-noinfo

Связанные уязвимости

GHSA-hg34-pjxc-5j77

CVSS3: 5.3

github

больше 2 лет назад

The Web Frontend of KNIME Business Hub before 1.4.0 allows an unauthenticated remote attacker to access internals about the application such as versions, host names, or IP addresses. No personal information or application data was exposed.

EPSS

Процентиль: 56%

0.00334

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-497

NVD-CWE-noinfo