Lucene search

@huntrdevCVE-2023-3218

HistoryJun 13, 2023 - 11:15 a.m.

CVE-2023-3218

2023-06-1311:15:08

CWE-366

@huntrdev

web.nvd.nist.gov

cve-2023-3218

race condition

github repository

openitcockpit

nvd

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

36.0%

JSON

Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5.

Affected configurations

Nvd

Node

it-novumopenitcockpitRange<4.6.5

VendorProductVersionCPE
it-novumopenitcockpit*cpe:2.3:a:it-novum:openitcockpit:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
it-novum	openitcockpit	*	cpe:2.3:a:it-novum:openitcockpit::::::::

CNA Affected

[
  {
    "vendor": "it-novum",
    "product": "it-novum/openitcockpit",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "4.6.5",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/it-novum/openitcockpit/commit/2c2c243964dda97a82eddb3804e39f9665c574bb

huntr.dev/bounties/94d50b11-20ca-46e3-9086-dd6836421675

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

36.0%

JSON

Related for CVE-2023-3218