Lucene search

TR-CERTCVELIST:CVE-2023-4662

HistorySep 15, 2023 - 8:36 a.m.

CVE-2023-4662 RCE in Saphira Connect

2023-09-1508:36:04

CWE-250

TR-CERT

www.cve.org

saphira connect

remote code inclusion

vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.9%

JSON

Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion.This issue affects Saphira Connect: before 9.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Saphira Connect",
    "vendor": "Saphira",
    "versions": [
      {
        "lessThan": "9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-23-0535

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.9%

JSON

Related for CVELIST:CVE-2023-4662