Lucene search
HistoryJan 20, 2023 - 7:15 p.m.
CVE-2020-23256
cve-2020-23256
electerm
arbitrary code execution
security vulnerability
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.9%
An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service.
Affected configurations
Node
electerm_projectelectermMatch1.3.22
| CPE | Name | Operator | Version |
|---|---|---|---|
| electerm_project:electerm | electerm project electerm | eq | 1.3.22 |
References
Related
osv
osv
Code injection in electerm
2023-01-20 21:30:32
prion
prion
Code injection
2023-01-20 19:15:00
nvd
nvd
CVE-2020-23256
2023-01-20 19:15:13
cvelist
cvelist
CVE-2020-23256
2023-01-20 00:00:00
github
github
Code injection in electerm
2023-01-20 21:30:32
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.9%
Related for CVE-2020-23256