Lucene search

MitreCVE-2023-47132

HistoryFeb 08, 2024 - 11:15 p.m.

CVE-2023-47132

2024-02-0823:15:09

CWE-269

mitre

web.nvd.nist.gov

cve-2023-47132

n-able

n-central

escalated privileges

api calls

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

39.1%

JSON

An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls.

Affected configurations

Nvd

Node

n-ablen-centralRange<2023.7

VendorProductVersionCPE
n-ablen-central*cpe:2.3:a:n-able:n-central:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
n-able	n-central	*	cpe:2.3:a:n-able:n-central::::::::

References

me.n-able.com/s/security-advisory/aArHs000000M8CHKA0/cve202347132-ncentral-api-privilege-escalation

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

39.1%

JSON

Related for CVE-2023-47132