Lucene search
MitreCVE-2023-43322HistoryOct 28, 2023 - 1:15 a.m.
CVE-2023-43322
2023-10-2801:15:51
CWE-77
mitre
web.nvd.nist.gov
35
zpe systems
inc
nodegrid
os
v5.x
series
command injection
vulnerability
cve-2023-43322
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
17.6%
ZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to v5.6.13, v5.8.0 to v5.8.10, and v5.10.0 to v5.10.3 was discovered to contain a command injection vulnerability via the endpoint /v1/system/toolkit/files/.
Affected configurations
Node
zpesystemsnodegrid_osRange5.0.0–5.0.18
ORzpesystemsnodegrid_osRange5.2.0–5.2.20
ORzpesystemsnodegrid_osRange5.4.0–5.4.17
ORzpesystemsnodegrid_osRange5.6.0–5.6.14
ORzpesystemsnodegrid_osRange5.8.0–5.8.11
ORzpesystemsnodegrid_osRange5.10.0–5.10.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zpesystems | nodegrid_os | * | cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2023-43322
2023-10-28 00:00:00
nvd
nvd
CVE-2023-43322
2023-10-28 01:15:51
prion
prion
Command injection
2023-10-28 01:15:00
cvelist
cvelist
CVE-2023-43322
2023-10-28 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
17.6%
Related for CVE-2023-43322