exploitDog

CVE-2023-49328

Опубликовано: 25 дек. 2023

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module.

Ссылки

https://www.gruppotim.it/it/footer/red-team.html
Third Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:wolterskluwer:b.point:23.70.00:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01593

Низкий

7.2 High

CVSS3

Дефекты

CWE-74

Связанные уязвимости

GHSA-88cv-mw5r-6xcj

CVSS3: 7.2

github

около 2 лет назад

On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module.

EPSS

Процентиль: 81%

0.01593

Низкий

7.2 High

CVSS3

Дефекты

CWE-74