Lucene search
HistoryOct 28, 2023 - 1:15 a.m.
CVE-2023-43322
vulnerability
command injection
zpe systems
endpoint
nodegrid os
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
17.6%
ZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to v5.6.13, v5.8.0 to v5.8.10, and v5.10.0 to v5.10.3 was discovered to contain a command injection vulnerability via the endpoint /v1/system/toolkit/files/.
Affected configurations
Node
zpesystemsnodegrid_osRange5.0.0–5.0.18
ORzpesystemsnodegrid_osRange5.2.0–5.2.20
ORzpesystemsnodegrid_osRange5.4.0–5.4.17
ORzpesystemsnodegrid_osRange5.6.0–5.6.14
ORzpesystemsnodegrid_osRange5.8.0–5.8.11
ORzpesystemsnodegrid_osRange5.10.0–5.10.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zpesystems | nodegrid_os | * | cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2023-43322
2023-10-28 00:00:00
cve
cve
CVE-2023-43322
2023-10-28 01:15:51
prion
prion
Command injection
2023-10-28 01:15:00
cvelist
cvelist
CVE-2023-43322
2023-10-28 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
17.6%
Related for NVD:CVE-2023-43322