8.1
CVE-2023-22891
- EPSS 0.16%
- Veröffentlicht 08.03.2023 21:15:10
- Zuletzt bearbeitet 05.03.2025 21:15:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThere exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Smartbear ≫ Zephyr Enterprise Version <= 7.15
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.376 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.