exploitDog

CVE-2023-6023

Опубликовано: 16 нояб. 2023

Источник: nvd

CVSS3: 8.6

CVSS3: 7.5

EPSS Средний

Описание

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifact_path URL parameter.

Ссылки

https://huntr.com/bounties/644ab868-db6d-4685-ab35-1a897632d2ca
Exploit
Third Party Advisory
https://huntr.com/bounties/644ab868-db6d-4685-ab35-1a897632d2ca
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vertaai:modeldb:-:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.47939

Средний

8.6 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-29

CWE-22

Связанные уязвимости

GHSA-qr8v-2mxv-xrj9

CVSS3: 8.6

github

около 2 лет назад

An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifact_path URL parameter.

EPSS

Процентиль: 98%

0.47939

Средний

8.6 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-29

CWE-22