Lucene search
HistoryDec 20, 2023 - 2:15 p.m.
CVE-2023-6784
cve-2023-6784
nvd
sitefinity
phishing
email
distribution
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
4.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.6%
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.
Affected configurations
Node
progresssitefinityRange4.0–13.3.7648
ORprogresssitefinityRange14.1–14.1.7828
ORprogresssitefinityRange14.2–14.2.7932
ORprogresssitefinityRange14.3–14.3.8029
ORprogresssitefinityRange14.4–14.4.8133
ORprogresssitefinityRange15.0–15.0.8223
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Sitefinity",
"vendor": "Progress Software Corporation",
"versions": [
{
"lessThan": "15.0.8223",
"status": "affected",
"version": "15.0",
"versionType": "semver"
},
{
"lessThan": "14.4.8133",
"status": "affected",
"version": "14.4",
"versionType": "semver"
},
{
"lessThan": "14.3.8029",
"status": "affected",
"version": "14.3",
"versionType": "semver"
},
{
"lessThan": "14.2.7932",
"status": "affected",
"version": "14.2",
"versionType": "semver"
},
{
"lessThan": "14.1.7828",
"status": "affected",
"version": "14.1",
"versionType": "semver"
},
{
"lessThan": "13.3.7648",
"status": "affected",
"version": "13.3",
"versionType": "semver"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-12-20 14:15:00
nvd
nvd
CVE-2023-6784
2023-12-20 14:15:22
cvelist
cvelist
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
4.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.6%
Related for CVE-2023-6784