Lucene search

JetBrainsCVELIST:CVE-2023-45613

HistoryOct 09, 2023 - 10:20 a.m.

CVE-2023-45613

2023-10-0910:20:54

JetBrains

www.cve.org

jetbrains ktor

2.3.5

server certificates

not verified

cve-2023-45613

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.4%

JSON

In JetBrains Ktor before 2.3.5 server certificates were not verified

CNA Affected

[
  {
    "vendor": "JetBrains",
    "product": "Ktor",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "2.3.5",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.jetbrains.com/privacy-security/issues-fixed/

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.4%

JSON

Related for CVELIST:CVE-2023-45613