exploitDog

CVE-2023-39519

Опубликовано: 24 авг. 2023

Источник: nvd

CVSS3: 7.5

CVSS3: 4.9

EPSS Низкий

Описание

Cloud Explorer Lite is an open source cloud management platform. Prior to version 1.4.0, there is a risk of sensitive information leakage in the user information acquisition of CloudExplorer Lite. The vulnerability has been fixed in version 1.4.0.

Ссылки

https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.4.0
Release Notes
https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-hh2g-77xq-x4vq
Exploit
Third Party Advisory
https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.4.0
Release Notes
https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-hh2g-77xq-x4vq
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fit2cloud:cloudexplorer_lite:*:*:*:*:*:*:*:*

Версия до 1.4.0 (исключая)

EPSS

Процентиль: 20%

0.00064

Низкий

7.5 High

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-200

EPSS

Процентиль: 20%

0.00064

Низкий

7.5 High

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-200