Lucene search

[email protected]CVE-2023-6566

HistoryDec 07, 2023 - 12:15 a.m.

CVE-2023-6566

2023-12-0700:15:07

CWE-840

[email protected]

web.nvd.nist.gov

cve-2023-6566

github

repository

microweber

nvd

security

business logic errors

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

16.1%

JSON

Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.

Affected configurations

NVD

Node

microwebermicroweberRange<2.0.0

CPENameOperatorVersion
microweber:microwebermicroweberlt2.0.0

CPE	Name	Operator	Version
microweber:microweber	microweber	lt	2.0.0

CNA Affected

[
  {
    "vendor": "microweber",
    "product": "microweber/microweber",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "2.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/microweber/microweber/commit/eee0c6771e152022a91089a547272c8a542bb74e

huntr.com/bounties/cf4b68b5-8d97-4d05-9cde-e76b1a414fd6

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

16.1%

JSON

Related for CVE-2023-6566

friendsofphp2 prion1 veracode1 osv2 nvd1 cvelist1 github1