Lucene search

K
cve[email protected]CVE-2023-22676
HistoryDec 29, 2023 - 9:15 a.m.

CVE-2023-22676

2023-12-2909:15:08
CWE-862
web.nvd.nist.gov
11
cve-2023-22676
missing authorization
anders thorborg
nvd
vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.3%

Missing Authorization vulnerability in Anders Thorborg.This issue affects Anders Thorborg: from n/a through 1.4.12.

Affected configurations

Vulners
NVD
Node
anders_thorborganders_thorborgRange1.4.12

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "acf-image-crop-add-on",
    "product": "Anders Thorborg",
    "vendor": "Anders Thorborg",
    "versions": [
      {
        "lessThanOrEqual": "1.4.12",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.3%

Related for CVE-2023-22676