Lucene search
MitreCVE-2023-34204HistoryMay 30, 2023 - 4:15 a.m.
CVE-2023-34204
2023-05-3004:15:10
CWE-59
mitre
web.nvd.nist.gov
16
imapsync
vulnerability
file overwrite
security
nvd
cve-2023-34204
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
25.2%
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus (for example) an attacker can modify imapsync’s cache and overwrite files belonging to the user who runs it.
Affected configurations
Node
imapsync_projectimapsyncRange≤2.229
| Vendor | Product | Version | CPE |
|---|---|---|---|
| imapsync_project | imapsync | * | cpe:2.3:a:imapsync_project:imapsync:*:*:*:*:*:*:*:* |
References
Related
osv
osv
CVE-2023-34204
2023-05-30 04:15:10
redhatcve
redhatcve
CVE-2023-34204
2023-05-30 13:40:35
alpinelinux
alpinelinux
CVE-2023-34204
2023-05-30 04:15:10
prion
prion
Design/Logic Flaw
2023-05-30 04:15:00
nvd
nvd
CVE-2023-34204
2023-05-30 04:15:10
cvelist
cvelist
CVE-2023-34204
2023-05-30 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
25.2%
Related for CVE-2023-34204