CVE-2023-7210

🗓️ 07 Jan 2024 09:31:03Reported by VulDBType

Vulnerability in OneNav up to 0.9.33, leading to improper authentication via manipulation of X-Token argument in /index.php?c=ap

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2023-7210	7 Jan 202411:31	–	circl
CNNVD	OneNav License Issues Vulnerabilities	7 Jan 202400:00	–	cnnvd
Cvelist	CVE-2023-7210 OneNav API improper authentication	7 Jan 202409:31	–	cvelist
EUVD	EUVD-2023-59391	3 Oct 202520:07	–	euvd
NVD	CVE-2023-7210	7 Jan 202410:15	–	nvd
Prion	Authentication flaw	7 Jan 202410:15	–	prion
RedhatCVE	CVE-2023-7210	23 May 202505:23	–	redhatcve
Vulnrichment	CVE-2023-7210 OneNav API improper authentication	7 Jan 202409:31	–	vulnrichment

NVD

Vulners

Node

onenav onenavRange≤0.9.33

[
  {
    "vendor": "n/a",
    "product": "OneNav",
    "versions": [
      {
        "version": "0.9.0",
        "status": "affected"
      },
      {
        "version": "0.9.1",
        "status": "affected"
      },
      {
        "version": "0.9.2",
        "status": "affected"
      },
      {
        "version": "0.9.3",
        "status": "affected"
      },
      {
        "version": "0.9.4",
        "status": "affected"
      },
      {
        "version": "0.9.5",
        "status": "affected"
      },
      {
        "version": "0.9.6",
        "status": "affected"
      },
      {
        "version": "0.9.7",
        "status": "affected"
      },
      {
        "version": "0.9.8",
        "status": "affected"
      },
      {
        "version": "0.9.9",
        "status": "affected"
      },
      {
        "version": "0.9.10",
        "status": "affected"
      },
      {
        "version": "0.9.11",
        "status": "affected"
      },
      {
        "version": "0.9.12",
        "status": "affected"
      },
      {
        "version": "0.9.13",
        "status": "affected"
      },
      {
        "version": "0.9.14",
        "status": "affected"
      },
      {
        "version": "0.9.15",
        "status": "affected"
      },
      {
        "version": "0.9.16",
        "status": "affected"
      },
      {
        "version": "0.9.17",
        "status": "affected"
      },
      {
        "version": "0.9.18",
        "status": "affected"
      },
      {
        "version": "0.9.19",
        "status": "affected"
      },
      {
        "version": "0.9.20",
        "status": "affected"
      },
      {
        "version": "0.9.21",
        "status": "affected"
      },
      {
        "version": "0.9.22",
        "status": "affected"
      },
      {
        "version": "0.9.23",
        "status": "affected"
      },
      {
        "version": "0.9.24",
        "status": "affected"
      },
      {
        "version": "0.9.25",
        "status": "affected"
      },
      {
        "version": "0.9.26",
        "status": "affected"
      },
      {
        "version": "0.9.27",
        "status": "affected"
      },
      {
        "version": "0.9.28",
        "status": "affected"
      },
      {
        "version": "0.9.29",
        "status": "affected"
      },
      {
        "version": "0.9.30",
        "status": "affected"
      },
      {
        "version": "0.9.31",
        "status": "affected"
      },
      {
        "version": "0.9.32",
        "status": "affected"
      },
      {
        "version": "0.9.33",
        "status": "affected"
      }
    ],
    "modules": [
      "API"
    ]
  }
]

Source	Link
note	www.note.zhaoj.in/share/eRbUygGMiJcp
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/advisories/GHSA-353q-7h99-hf4x

21 Nov 2024 08:45Current

9.5High risk

Vulners AI Score9.5

CVSS 3.17.3 - 9.8

CVSS 27.5

CVSS 37.3

EPSS0.00079

SSVC

CWE-287