CVE-2023-37199

Published at:
2023-07-12T08:15:10.133
Source: [email protected]

Global infos:

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote code execution when an admin user on DCE tampers with backups which are then manually restored.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorNETWORK
    Availability ImpactHIGH
    Base Score6.8
    Base SeverityMEDIUM
    Confidentiality ImpactHIGH
    Integrity ImpactHIGH
    Privileges RequiredHIGH
    ScopeUNCHANGED
    User InteractionREQUIRED
    Vector StringCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
    Exploitability Score0.9
    Impact Score5.9
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords