Lucene search

[email protected]CVE-2023-39058

HistorySep 18, 2023 - 9:15 p.m.

CVE-2023-39058

2023-09-1821:15:55

CWE-668

[email protected]

web.nvd.nist.gov

cve-2023-39058

information leak

the_b_members card

v13.6.1

access token

crafted messages

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

Affected configurations

NVD

Node

the_b_members_card_projectthe_b_members_cardMatch13.6.1

CPENameOperatorVersion
the_b_members_card_project:the_b_members_cardthe b members card project the b members cardeq13.6.1

CPE	Name	Operator	Version
the_b_members_card_project:the_b_members_card	the b members card project the b members card	eq	13.6.1

References

thebmembers.com

github.com/syz913/CVE-reports/blob/main/CVE-2023-39058.md

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2023-39058

nvd1 prion1 cvelist1