Lucene search
GitHub Advisory DatabaseGHSA-V9RM-7RV9-R3FWHistoryMay 12, 2023 - 9:30 a.m.
Apache OpenMeetings Improper Authentication vulnerability
2023-05-1209:30:15
CWE-287
GitHub Advisory Database
github.com
4
apache
openmeetings
authentication
vulnerability
apache software foundation
versions affected
software
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
66.1%
An attacker that has gained access to certain private information can use this to act as other user.
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0
Affected configurations
Node
org.apache.openmeetings\openmeetingsMatchparent
ORorg.apache.openmeetings\openmeetingsMatchparent
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.openmeetings:openmeetings-parent | ge | 3.1.3 | |
| org.apache.openmeetings:openmeetings-parent | lt | 7.1.0 |
Related
prion
prion
Design/Logic Flaw
2023-05-12 08:15:00
openvas
openvas
Apache OpenMeetings 3.1.3 < 7.1.0 Authentication Bypass Vulnerability
2023-05-15 00:00:00
cvelist
cvelist
CVE-2023-29032 Apache OpenMeetings: allows bypass authentication
2023-05-12 07:43:30
cve
cve
CVE-2023-29032
2023-05-12 08:15:08
osv
osv
Apache OpenMeetings Improper Authentication vulnerability
2023-05-12 09:30:15
CVE-2023-29032
2023-05-12 08:15:08
veracode
veracode
Improper Authentication
2023-05-16 23:32:31
cnvd
cnvd
Apache OpenMeetings Authorization Issues Vulnerability
2023-05-17 00:00:00
nvd
nvd
CVE-2023-29032
2023-05-12 08:15:08
thn
thn
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
66.1%
Related for GHSA-V9RM-7RV9-R3FW