Описание
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.1 (исключая)
cpe:2.3:a:maxkb:maxkb:*:*:*:*:-:*:*:*
EPSS
Процентиль: 18%
0.00059
Низкий
7.4 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-918
EPSS
Процентиль: 18%
0.00059
Низкий
7.4 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-918