CVE-2023-5321

Exploit

EPSS 0.03%
Veröffentlicht 30.09.2023 14:15:15
Zuletzt bearbeitet 21.11.2024 08:41:31
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

Missing Authorization in GitHub repository hamza417/inure prior to build94.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hamza417 ≫ Inure Versionbuild44 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild45 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild46 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild47 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild48 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild49 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild51 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild52 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild53 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild55 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild56 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild57 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild58 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild59 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild60 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild61 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild62 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild63 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild64 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild65 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild66 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild67 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild68 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild69 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild70 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild71 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild72 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild73 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild74 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild75 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild76 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild77 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild78 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild79 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild80 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild83 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild85 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild86 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild87 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild88 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild89 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild92 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild93 SwPlatformandroid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.081

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
security@huntr.dev	5.1	2.5	2.5	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://github.com/hamza417/inure/commit/57fda918bfd2fb863f579841a46363fe8e10c29b

Patch

https://huntr.dev/bounties/b1becc68-e738-458f-bd99-06ee77580d3a

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-5321

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-5321

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-5321

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-5321