Lucene search
Veracode Vulnerability DatabaseVERACODE:41121HistoryJul 05, 2023 - 11:39 a.m.
Denial Of Service (DoS)
2023-07-0511:39:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
vulnerability
dos attack
products_cmfcore
malicious input
portalfolder objects
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
37.7%
products_cmfcore is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause an application crash via injecting malicious input through the PortalFolder objects.
Related
cve
cve
CVE-2023-36814
2023-07-03 17:15:09
cvelist
cvelist
osv
osv
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
2023-07-05 22:42:09
PYSEC-2023-113
2023-07-03 17:15:00
CVE-2023-36814
2023-07-03 17:15:09
nvd
nvd
CVE-2023-36814
2023-07-03 17:15:09
prion
prion
Code injection
2023-07-03 17:15:00
github
github
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
37.7%
Related for VERACODE:41121