Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for fortify_scancentral_dast by microfocus

    CVE-2023-5913 (GCVE-0-2023-5913)

    Vulnerability from nvd – Published: 2023-11-08 16:42 – Updated: 2024-09-04 13:53
    VLAI
    Title
    A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
    Summary
    Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    opentext Fortify ScanCentral DAST Affected: 21.1
    Affected: 21.2
    Affected: 21.2.1
    Affected: 22.1
    Affected: 22.1.1
    Affected: 22.2
    Affected: 23.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:14:24.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5913",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-04T13:51:53.335836Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-266",
                    "description": "CWE-266 Incorrect Privilege Assignment",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-04T13:53:22.231Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Fortify ScanCentral DAST",
              "vendor": "opentext",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.1"
                },
                {
                  "status": "affected",
                  "version": "21.2"
                },
                {
                  "status": "affected",
                  "version": "21.2.1"
                },
                {
                  "status": "affected",
                  "version": "22.1"
                },
                {
                  "status": "affected",
                  "version": "22.1.1"
                },
                {
                  "status": "affected",
                  "version": "22.2"
                },
                {
                  "status": "affected",
                  "version": "23.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerability could be exploited to gain elevated privileges\u003c/span\u003e.\u003cp\u003eThis issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\u003c/p\u003e"
                }
              ],
              "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Could lead to gaining elevated privileges"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-08T16:42:31.074Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "OpenText"
          },
          "references": [
            {
              "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\"\u003eportal.microfocus.com/s/article/KM000023500?language=en_US\u003c/a\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "OpenText",
        "cveId": "CVE-2023-5913",
        "datePublished": "2023-11-08T16:42:31.074Z",
        "dateReserved": "2023-11-01T22:02:30.314Z",
        "dateUpdated": "2024-09-04T13:53:22.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5913 (GCVE-0-2023-5913)

    Vulnerability from cvelistv5 – Published: 2023-11-08 16:42 – Updated: 2024-09-04 13:53
    VLAI
    Title
    A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
    Summary
    Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    Impacted products
    Vendor Product Version
    opentext Fortify ScanCentral DAST Affected: 21.1
    Affected: 21.2
    Affected: 21.2.1
    Affected: 22.1
    Affected: 22.1.1
    Affected: 22.2
    Affected: 23.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:14:24.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-5913",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-04T13:51:53.335836Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-266",
                    "description": "CWE-266 Incorrect Privilege Assignment",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-04T13:53:22.231Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Fortify ScanCentral DAST",
              "vendor": "opentext",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.1"
                },
                {
                  "status": "affected",
                  "version": "21.2"
                },
                {
                  "status": "affected",
                  "version": "21.2.1"
                },
                {
                  "status": "affected",
                  "version": "22.1"
                },
                {
                  "status": "affected",
                  "version": "22.1.1"
                },
                {
                  "status": "affected",
                  "version": "22.2"
                },
                {
                  "status": "affected",
                  "version": "23.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerability could be exploited to gain elevated privileges\u003c/span\u003e.\u003cp\u003eThis issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\u003c/p\u003e"
                }
              ],
              "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Could lead to gaining elevated privileges"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "CWE-266 Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-08T16:42:31.074Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "OpenText"
          },
          "references": [
            {
              "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\"\u003eportal.microfocus.com/s/article/KM000023500?language=en_US\u003c/a\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \n\n\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "OpenText",
        "cveId": "CVE-2023-5913",
        "datePublished": "2023-11-08T16:42:31.074Z",
        "dateReserved": "2023-11-01T22:02:30.314Z",
        "dateUpdated": "2024-09-04T13:53:22.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }