Lucene search

GoogleOSV:CVE-2023-5839

HistoryOct 29, 2023 - 1:15 a.m.

CVE-2023-5839

2023-10-2901:15:41

Google

osv.dev

github

privilege chaining

hestiacp

security vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9.

CPENameOperatorVersion
hestiacpeq1.4.9
hestiacpeq1.4.8
hestiacpeq1.5.10
hestiacpeq1.5.9
hestiacpeq1.6.1
hestiacpeq1.4.14
hestiacpeq1.5.1
hestiacpeq1.5.4
hestiacpeq1.5.14
hestiacpeq1.6.2

Name	Operator	Version
hestiacp	eq	1.4.9
hestiacp	eq	1.4.8
hestiacp	eq	1.5.10
hestiacp	eq	1.5.9
hestiacp	eq	1.6.1
hestiacp	eq	1.4.14
hestiacp	eq	1.5.1
hestiacp	eq	1.5.4
hestiacp	eq	1.5.14
hestiacp	eq	1.6.2

Rows per page:

1-10 of 491

References

github.com/hestiacp/hestiacp/commit/acb766e1db53de70534524b3fbc2270689112630

huntr.com/bounties/21125f12-64a0-42a3-b218-26b9945a5bc0

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for OSV:CVE-2023-5839