Lucene search

GoogleOSV:CVE-2023-4381

HistoryAug 16, 2023 - 12:15 p.m.

CVE-2023-4381

2023-08-1612:15:13

Google

osv.dev

github

password change

software

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git.

CPENameOperatorVersion
icms2eq2.6.1
icms2eq2.4.0
icms2eq2.14.1
icms2eq2.7.1
icms2eq2.7.0
icms2eq2.15.0
icms2eq2.7.2
icms2eq2.9.0
icms2eq2.6.0
icms2eq2.14.2

Name	Operator	Version
icms2	eq	2.6.1
icms2	eq	2.4.0
icms2	eq	2.14.1
icms2	eq	2.7.1
icms2	eq	2.7.0
icms2	eq	2.15.0
icms2	eq	2.7.2
icms2	eq	2.9.0
icms2	eq	2.6.0
icms2	eq	2.14.2

Rows per page:

1-10 of 291

References

github.com/instantsoft/icms2/commit/58f8b9941b53b606a1b15a4364005cd2b1965507

huntr.dev/bounties/666c2617-e3e9-4955-9c97-2f8ed5262cc3

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Related for OSV:CVE-2023-4381