Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentMitreVULNRICHMENT:CVE-2023-44794
HistoryOct 25, 2023 - 12:00 a.m.

CVE-2023-44794

2023-10-2500:00:00
mitre
github.com
1
dromara satoken
remote attack
privilege escalation
crafted payload
url

AI Score

7

Confidence

Low

EPSS

0.002

Percentile

59.9%

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

total

JSON

An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:dromara:sa-token:-:*:*:*:*:*:*:*"
    ],
    "vendor": "dromara",
    "product": "sa-token",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.36.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

nvd 1
cvelist 1
veracode 1
github 1
ibm 1
gitlab 1
cve 1
prion 1
osv 1
nvd
nvd
CVE-2023-44794
2023-10-25 18:17:32
cvelist
cvelist
CVE-2023-44794
2023-10-25 00:00:00
veracode
veracode
Authentication Bypass
2023-10-26 11:18:19
github
github
SaToken privilege escalation vulnerability
2023-10-25 18:32:23
ibm
ibm
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to privilege escalation due to Spring-Web (CVE-2023-44794)
2024-05-07 10:07:02
gitlab
gitlab
SaToken privilege escalation vulnerability
2023-10-25 00:00:00
cve
cve
CVE-2023-44794
2023-10-25 18:17:32
prion
prion
Design/Logic Flaw
2023-10-25 18:17:00
osv
osv
SaToken privilege escalation vulnerability
2023-10-25 18:32:23

AI Score

7

Confidence

Low

EPSS

0.002

Percentile

59.9%

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

total

JSON
Related for VULNRICHMENT:CVE-2023-44794
nvd1cvelist1veracode1github1ibm1gitlab1cve1prion1osv1