8.3
CVE-2023-32226
- EPSS 0.06%
- Veröffentlicht 30.07.2023 08:15:47
- Zuletzt bearbeitet 21.11.2024 08:02:56
- Quelle cna@cyber.gov.il
- CVE-Watchlists
- Unerledigt
LoginSysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sysaid ≫ Sysaid On-premises Version < 23.2.14
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.174 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| cna@cyber.gov.il | 8.3 | 2.8 | 5.5 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
|
CWE-552 Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.