Lucene search

K
cve[email protected]CVE-2023-38886
HistorySep 20, 2023 - 1:15 a.m.

CVE-2023-38886

2023-09-2001:15:56
web.nvd.nist.gov
26
cve-2023-38886
dolibarr
erp
crm
remote code execution
security vulnerability

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script.

Affected configurations

NVD
Node
dolibarrdolibarr_erp\/crmRange17.0.1

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.6%

Related for CVE-2023-38886