Lucene search

[email protected]CVE-2023-1877

HistoryApr 05, 2023 - 5:15 p.m.

CVE-2023-1877

2023-04-0517:15:06

CWE-77

[email protected]

web.nvd.nist.gov

cve-2023-1877

command injection

github

microweber

nvd

security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

Command Injection in GitHub repository microweber/microweber prior to 1.3.3.

Affected configurations

NVD

Node

microwebermicroweberRange<1.3.3

CPENameOperatorVersion
microweber:microwebermicroweberlt1.3.3

CPE	Name	Operator	Version
microweber:microweber	microweber	lt	1.3.3

CNA Affected

[
  {
    "vendor": "microweber",
    "product": "microweber/microweber",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.3.3",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d101e76c8d

huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for CVE-2023-1877

huntr1 prion1 veracode1 osv2 cvelist1 github1 nvd1