Vulnerability-Lookup

CVE-2023-5913 (GCVE-0-2023-5913)

Vulnerability from cvelistv5 – Published: 2023-11-08 16:42 – Updated: 2024-09-04 13:53

Title

A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.

Summary

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CWE

CWE-266 - Incorrect Privilege Assignment

Assigner

OpenText

References

1 reference

URL	Tags
https://portal.microfocus.com/s/article/KM0000235…

Impacted products

1 product

Vendor	Product	Version
opentext	Fortify ScanCentral DAST	Affected: 21.1 Affected: 21.2 Affected: 21.2.1 Affected: 22.1 Affected: 22.1.1 Affected: 22.2 Affected: 23.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.622Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:51:53.335836Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-266",
                "description": "CWE-266 Incorrect Privilege Assignment",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:53:22.231Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Fortify ScanCentral DAST",
          "vendor": "opentext",
          "versions": [
            {
              "status": "affected",
              "version": "21.1"
            },
            {
              "status": "affected",
              "version": "21.2"
            },
            {
              "status": "affected",
              "version": "21.2.1"
            },
            {
              "status": "affected",
              "version": "22.1"
            },
            {
              "status": "affected",
              "version": "22.1.1"
            },
            {
              "status": "affected",
              "version": "22.2"
            },
            {
              "status": "affected",
              "version": "23.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerability could be exploited to gain elevated privileges\u003c/span\u003e.\u003cp\u003eThis issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\u003c/p\u003e"
            }
          ],
          "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Could lead to gaining elevated privileges"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "CWE-266 Incorrect Privilege Assignment",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-08T16:42:31.074Z",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "OpenText"
      },
      "references": [
        {
          "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\"\u003eportal.microfocus.com/s/article/KM000023500?language=en_US\u003c/a\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \n\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "OpenText",
    "cveId": "CVE-2023-5913",
    "datePublished": "2023-11-08T16:42:31.074Z",
    "dateReserved": "2023-11-01T22:02:30.314Z",
    "dateUpdated": "2024-09-04T13:53:22.231Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-5913",
      "date": "2026-05-25",
      "epss": "0.00218",
      "percentile": "0.44226"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-5913\",\"sourceIdentifier\":\"security@opentext.com\",\"published\":\"2023-11-08T17:15:08.193\",\"lastModified\":\"2024-11-21T08:42:45.787\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de asignaci\u00f3n de privilegios incorrecta en texto abierto Fortify ScanCentral DAST. La vulnerabilidad podr\u00eda aprovecharse para obtener privilegios elevados. Este problema afecta a Fortify ScanCentral DAST versiones 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@opentext.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@opentext.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-266\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-266\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5578907C-9142-461B-88F3-D4510D57E23A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE09FF8-AFDD-4F5E-AF44-FFE8854F5763\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EF4C5A3-E698-469A-A8AB-223AC6013B1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0926D3A0-76B2-435C-B691-58B51EDF81B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"956F2EB1-BF27-4F42-A325-E9F91EF60E5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:22.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DA67A67-DC1E-4FC0-8A9B-8A2192E939BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:fortify_scancentral_dast:23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BFD11CE-87C4-40A2-A6EA-80CF1D465F4B\"}]}]}],\"references\":[{\"url\":\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\",\"source\":\"security@opentext.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.microfocus.com/s/article/KM000023500?language=en_US\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:14:24.622Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5913\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-04T13:51:53.335836Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-266\", \"description\": \"CWE-266 Incorrect Privilege Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-04T13:53:13.536Z\"}}], \"cna\": {\"title\": \"A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Could lead to gaining elevated privileges\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"opentext\", \"product\": \"Fortify ScanCentral DAST\", \"versions\": [{\"status\": \"affected\", \"version\": \"21.1\"}, {\"status\": \"affected\", \"version\": \"21.2\"}, {\"status\": \"affected\", \"version\": \"21.2.1\"}, {\"status\": \"affected\", \"version\": \"22.1\"}, {\"status\": \"affected\", \"version\": \"22.1.1\"}, {\"status\": \"affected\", \"version\": \"22.2\"}, {\"status\": \"affected\", \"version\": \"23.1\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"\\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\\\"\u003eportal.microfocus.com/s/article/KM000023500?language=en_US\u003c/a\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://portal.microfocus.com/s/article/KM000023500?language=en_US\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u0026nbsp;vulnerability could be exploited to gain elevated privileges\u003c/span\u003e.\u003cp\u003eThis issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-266\", \"description\": \"CWE-266 Incorrect Privilege Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"f81092c5-7f14-476d-80dc-24857f90be84\", \"shortName\": \"OpenText\", \"dateUpdated\": \"2023-11-08T16:42:31.074Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-5913\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-04T13:53:22.231Z\", \"dateReserved\": \"2023-11-01T22:02:30.314Z\", \"assignerOrgId\": \"f81092c5-7f14-476d-80dc-24857f90be84\", \"datePublished\": \"2023-11-08T16:42:31.074Z\", \"assignerShortName\": \"OpenText\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2024-01220

Vulnerability from fstec - Published: 06.11.2023

Title

Уязвимость сканера безопасности веб-приложений Fortify ScanCentral DAST, связанная с некорректным присваиванием привилегий, позволяющая нарушителю повысить свои привилегии

Description

Уязвимость сканера безопасности веб-приложений Fortify ScanCentral DAST связана с некорректным присваиванием привилегий. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Micro Focus International

Software Name

Fortify ScanCentral DAST

Software Version

21.2 (Fortify ScanCentral DAST), 21.1 (Fortify ScanCentral DAST), 21.2.1 (Fortify ScanCentral DAST), 22.1 (Fortify ScanCentral DAST), 22.1.1 (Fortify ScanCentral DAST), 22.2 (Fortify ScanCentral DAST), 23.1 (Fortify ScanCentral DAST)

Possible Mitigations

Использование рекомендаций: https://portal.microfocus.com/s/article/KM000023500?language=en_US

Reference

https://portal.microfocus.com/s/article/KM000023500?language=en_US

CWE

CWE-266

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Micro Focus International",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "21.2 (Fortify ScanCentral DAST), 21.1 (Fortify ScanCentral DAST), 21.2.1 (Fortify ScanCentral DAST), 22.1 (Fortify ScanCentral DAST), 22.1.1 (Fortify ScanCentral DAST), 22.2 (Fortify ScanCentral DAST), 23.1 (Fortify ScanCentral DAST)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://portal.microfocus.com/s/article/KM000023500?language=en_US",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "14.02.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.02.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-01220",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-5913",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Fortify ScanCentral DAST",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Fortify ScanCentral DAST, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u043c \u043f\u0440\u0438\u0441\u0432\u0430\u0438\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u0441\u0432\u0430\u0438\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CWE-266)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u043d\u0435\u0440\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Fortify ScanCentral DAST \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u043c \u043f\u0440\u0438\u0441\u0432\u0430\u0438\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://portal.microfocus.com/s/article/KM000023500?language=en_US",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-266",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

FKIE_CVE-2023-5913

Vulnerability from fkie_nvd - Published: 2023-11-08 17:15 - Updated: 2024-11-21 08:42

Severity

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@opentext.com	https://portal.microfocus.com/s/article/KM000023500?language=en_US	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://portal.microfocus.com/s/article/KM000023500?language=en_US	Vendor Advisory

Impacted products

Vendor	Product	Version
microfocus	fortify_scancentral_dast	21.1
microfocus	fortify_scancentral_dast	21.2
microfocus	fortify_scancentral_dast	21.2.1
microfocus	fortify_scancentral_dast	22.1
microfocus	fortify_scancentral_dast	22.1.1
microfocus	fortify_scancentral_dast	22.2
microfocus	fortify_scancentral_dast	23.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5578907C-9142-461B-88F3-D4510D57E23A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE09FF8-AFDD-4F5E-AF44-FFE8854F5763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EF4C5A3-E698-469A-A8AB-223AC6013B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0926D3A0-76B2-435C-B691-58B51EDF81B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "956F2EB1-BF27-4F42-A325-E9F91EF60E5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DA67A67-DC1E-4FC0-8A9B-8A2192E939BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:23.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BFD11CE-87C4-40A2-A6EA-80CF1D465F4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de asignaci\u00f3n de privilegios incorrecta en texto abierto Fortify ScanCentral DAST. La vulnerabilidad podr\u00eda aprovecharse para obtener privilegios elevados. Este problema afecta a Fortify ScanCentral DAST versiones 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1."
    }
  ],
  "id": "CVE-2023-5913",
  "lastModified": "2024-11-21T08:42:45.787",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "security@opentext.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-11-08T17:15:08.193",
  "references": [
    {
      "source": "security@opentext.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
    }
  ],
  "sourceIdentifier": "security@opentext.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-266"
        }
      ],
      "source": "security@opentext.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-266"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-M86C-6G87-95PQ

Vulnerability from github – Published: 2023-11-08 18:30 – Updated: 2024-09-04 15:30

Details

Severity

8.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-5913"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-08T17:15:08Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n",
  "id": "GHSA-m86c-6g87-95pq",
  "modified": "2024-09-04T15:30:32Z",
  "published": "2023-11-08T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5913"
    },
    {
      "type": "WEB",
      "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2023-5913

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-5913

Aliases

CVE-2023-5913

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-5913",
    "id": "GSD-2023-5913"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-5913"
      ],
      "details": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n",
      "id": "GSD-2023-5913",
      "modified": "2023-12-13T01:20:50.463486Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@opentext.com",
        "ID": "CVE-2023-5913",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Fortify ScanCentral DAST",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "21.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "21.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "21.2.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "22.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "22.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "22.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "23.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "opentext"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-266",
                "lang": "eng",
                "value": "CWE-266 Incorrect Privilege Assignment"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://portal.microfocus.com/s/article/KM000023500?language=en_US",
            "refsource": "MISC",
            "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\"\u003eportal.microfocus.com/s/article/KM000023500?language=en_US\u003c/a\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \n\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:fortify_scancentral_dast:23.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@opentext.com",
          "ID": "CVE-2023-5913"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.microfocus.com/s/article/KM000023500?language=en_US",
              "refsource": "",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-11-16T17:00Z",
      "publishedDate": "2023-11-08T17:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-5913 (GCVE-0-2023-5913)

BDU:2024-01220

FKIE_CVE-2023-5913

GHSA-M86C-6G87-95PQ

GSD-2023-5913

Tags

Sightings

Nomenclature