Lucene search
HistoryFeb 07, 2024 - 8:15 p.m.
CVE-2023-38995
schuhfried
cve-2023-38995
database password
remote attacker
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.8%
An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command.
Affected configurations
Node
schuhfriedschuhfriedRange≤8.22.00
| CPE | Name | Operator | Version |
|---|---|---|---|
| schuhfried:schuhfried | schuhfried | le | 8.22.00 |
Related
nvd
nvd
CVE-2023-38995
2024-02-07 20:15:49
prion
prion
Command injection
2024-02-07 20:15:00
cvelist
cvelist
CVE-2023-38995
2024-02-07 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.8%
Related for CVE-2023-38995