Lucene search

[email protected]NVD:CVE-2023-33558

HistoryOct 26, 2023 - 9:15 p.m.

CVE-2023-33558

2023-10-2621:15:07

[email protected]

web.nvd.nist.gov

cve-2023-33558

information disclosure

ocomon

users-grid-data.php

sensitive information

emails

usernames

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.4%

JSON

An information disclosure vulnerability in the component users-grid-data.php of Ocomon before v4.0.1 allows attackers to obtain sensitive information such as e-mails and usernames.

Affected configurations

NVD

Node

ocomon_projectocomonRange<4.0.1

References

github.com/ninj4c0d3r/OcoMon-Research

github.com/ninj4c0d3r/OcoMon-Research/commit/6357def478b11119270b89329fceb115f12c69fc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.4%

JSON

Related for NVD:CVE-2023-33558

osv1 cvelist1 cve1 prion1