Lucene search

[email protected]NVD:CVE-2023-31818

HistoryJul 11, 2023 - 3:15 p.m.

CVE-2023-31818

2023-07-1115:15:20

CWE-668

[email protected]

web.nvd.nist.gov

marukyu line

remote access

sensitive information

channel access token

miniapp function

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

69.2%

JSON

An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.

Affected configurations

Nvd

Node

marukyumarukyu_lineMatch13.4.1

VendorProductVersionCPE
marukyumarukyu_line13.4.1cpe:2.3:a:marukyu:marukyu_line:13.4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
marukyu	marukyu_line	13.4.1	cpe:2.3:a:marukyu:marukyu_line:13.4.1:::::::*

References

marukyu.com

github.com/syz913/CVE-reports/blob/main/CVE-2023-31818.md

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

69.2%

JSON

Related for NVD:CVE-2023-31818

cvelist1 prion1 cve1