CVE-2023-5862

Exploit

EPSS 0.03%
Veröffentlicht 31.10.2023 01:15:07
Zuletzt bearbeitet 21.11.2024 08:42:39
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

Missing Authorization in GitHub repository hamza417/inure prior to Build95.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hamza417 ≫ Inure Versionbuild44 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild45 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild46 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild47 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild48 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild49 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild51 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild52 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild53 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild55 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild56 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild57 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild58 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild59 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild60 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild61 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild62 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild63 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild64 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild65 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild66 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild67 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild68 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild69 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild70 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild71 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild72 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild73 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild74 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild75 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild76 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild77 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild78 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild79 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild80 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild83 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild85 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild86 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild87 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild88 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild89 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild92 SwPlatformandroid

Hamza417 ≫ Inure Versionbuild94 SwPlatformandroid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.071

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
security@huntr.dev	5.1	2.5	2.5	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://github.com/hamza417/inure/commit/52b8c0bae36f129a5be05e377d7391afc3629df6

Patch

https://huntr.com/bounties/0e517db6-d8ba-4cb9-9339-7991dda52e6d

Patch

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-5862

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-5862

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-5862

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-5862