Lucene search

[email protected]NVD:CVE-2023-37635

HistoryOct 23, 2023 - 9:15 p.m.

CVE-2023-37635

2023-10-2321:15:08

CWE-307

[email protected]

web.nvd.nist.gov

uvdesk

community skeleton

brute force attacks

unauthenticated

cve-2023-37635

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.7%

JSON

UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application.

Affected configurations

NVD

Node

uvdeskcommunity-skeletonMatch1.1.1

References

www.esecforte.com/cve-2023-37635-login-bruteforce/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.7%

JSON

Related for NVD:CVE-2023-37635

prion1 osv1 cve1 cvelist1