CVE-2023-44031

Опубликовано: 03 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows attackers to arbitrarily save sensitive files in insecure locations via a crafted POST request.

Ссылки

http://seclists.org/fulldisclosure/2024/Jan/43
Mailing List
Third Party Advisory
https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
http://seclists.org/fulldisclosure/2024/Jan/43
Mailing List
Third Party Advisory
https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*

Версия от 15.1 (включая) до 16.0 (исключая)

EPSS

Процентиль: 19%

0.00062

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-284

Связанные уязвимости

GHSA-mmc3-qp8j-6fpj