Lucene search

TR-CERTCVELIST:CVE-2023-6150

HistoryNov 28, 2023 - 9:25 a.m.

CVE-2023-6150 Information Disclosure in Eskom E-municipality

2023-11-2809:25:50

CWE-648

TR-CERT

www.cve.org

cve-2023-6150

information disclosure

eskom

e-municipality

privilege management

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.2%

JSON

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "e-municipality module",
    "vendor": "ESKOM Computer",
    "versions": [
      {
        "lessThan": "v.105",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-23-0664

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.2%

JSON

Related for CVELIST:CVE-2023-6150