Lucene search
INCIBEVULNRICHMENT:CVE-2023-4884HistoryOct 03, 2023 - 2:46 p.m.
CVE-2023-4884 Multiple vulnerabilities in Open5GS
2023-10-0314:46:57
CWE-306
INCIBE
github.com
open5gs
vulnerabilities
authentication
http request
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.
Related
cve
cve
CVE-2023-4884
2023-10-03 15:15:40
prion
prion
Authentication flaw
2023-10-03 15:15:00
nvd
nvd
CVE-2023-4884
2023-10-03 15:15:40
cnvd
cnvd
Open5GS Access Control Error Vulnerability
2023-10-11 00:00:00
cvelist
cvelist
CVE-2023-4884 Multiple vulnerabilities in Open5GS
2023-10-03 14:46:57
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-4884