Lucene search
MitreCVE-2023-46754HistoryOct 26, 2023 - 5:15 a.m.
CVE-2023-46754
2023-10-2605:15:26
CWE-863
mitre
web.nvd.nist.gov
28
admin panel
authorization bypass
email otp
vulnerability
cve-2023-46754
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
20.2%
The admin panel for Obl.ong before 1.1.2 allows authorization bypass because the email OTP feature accepts arbitrary numerical values.
Affected configurations
Node
obl.ongadminRange<1.1.2
Related
nvd
nvd
CVE-2023-46754
2023-10-26 05:15:26
cvelist
cvelist
CVE-2023-46754
2023-10-26 00:00:00
vulnrichment
vulnrichment
CVE-2023-46754
2023-10-26 00:00:00
osv
osv
CVE-2023-46754
2023-10-26 05:15:26
prion
prion
Authorization
2023-10-26 05:15:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
20.2%
Related for CVE-2023-46754