Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2023-41878
HistorySep 27, 2023 - 3:19 p.m.

CVE-2023-41878

2023-09-2715:19:30
Google
osv.dev
89
metersphere
continuous testing
open source
cve-2023-41878
fixed
version 2.10.7
software issue

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

41.3%

JSON

MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Metersphere is using a weak password by default, attackers can login to vnc and obtain high permissions. This issue has been addressed in version 2.10.7 LTS. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related

prion 1
nvd 1
cve 1
vulnrichment 1
cvelist 1
prion
prion
Design/Logic Flaw
2023-09-27 15:19:00
nvd
nvd
CVE-2023-41878
2023-09-27 15:19:30
cve
cve
CVE-2023-41878
2023-09-27 15:19:30
vulnrichment
vulnrichment
CVE-2023-41878 Weak password of selenium VNC in MeterSphere
2023-09-26 22:53:27
cvelist
cvelist
CVE-2023-41878 Weak password of selenium VNC in MeterSphere
2023-09-26 22:53:27

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

41.3%

JSON
Related for OSV:CVE-2023-41878
prion1nvd1cve1vulnrichment1cvelist1