Lucene search

[email protected]CVE-2023-40924

HistorySep 08, 2023 - 1:15 p.m.

CVE-2023-40924

2023-09-0813:15:08

CWE-22

[email protected]

web.nvd.nist.gov

cve-2023-40924

solarview

compact

directory traversal

vulnerability

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.9%

JSON

SolarView Compact < 6.00 is vulnerable to Directory Traversal.

Affected configurations

NVD

Node

contecsolarview_compactMatch-

AND

contecsolarview_compact_firmwareRange<6.0

CPENameOperatorVersion
contec:solarview_compact_firmwarecontec solarview compact firmwarelt6.0

CPE	Name	Operator	Version
contec:solarview_compact_firmware	contec solarview compact firmware	lt	6.0

References

github.com/Yobing1/CVE-2023-40924/blob/main/README.md

nvd.nist.gov/vuln/detail/CVE-2023-33620

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.9%

JSON

Related for CVE-2023-40924

prion1 nvd1 cvelist1