exploitDog

CVE-2023-47320

Опубликовано: 13 дек. 2023

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.

Ссылки

http://silverpeas.com
Product
https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47320
Exploit
Third Party Advisory
http://silverpeas.com
Product
https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47320
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*

Версия до 6.3.2 (исключая)

EPSS

Процентиль: 57%

0.00351

Низкий

8.1 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-863

Связанные уязвимости

GHSA-whgv-6j78-5rh2

github

около 2 лет назад

Broken access control in Silverpeas

EPSS

Процентиль: 57%

0.00351

Низкий

8.1 High

CVSS3

Дефекты

NVD-CWE-Other

CWE-863