Lucene search

MitreCVE-2023-38847

HistoryOct 25, 2023 - 10:15 p.m.

CVE-2023-38847

2023-10-2522:15:09

CWE-200

mitre

web.nvd.nist.gov

cve-2023-38847

christina japan

line v.13.6.1

remote attacker

sensitive information

get request

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

49.2%

JSON

An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.

Affected configurations

Nvd

Node

linecorplineMatch13.6.1

VendorProductVersionCPE
linecorpline13.6.1cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linecorp	line	13.6.1	cpe:2.3:a:linecorp:line:13.6.1:::::::*

References

github.com/syz913/CVE-reports/blob/main/CVE-2023-38847.md

liff.line.me/1657631315-oX5J26Ak

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

49.2%

JSON

Related for CVE-2023-38847