← Zuruck zu CVEs
CVE-2023-6761
MEDIUM4.3
Beschreibung
A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknown processing of the component User Data Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247889 was assigned to this vulnerability.
CVE Details
CVSS v3.1 Bewertung4.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht12/13/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
thecosy:icecms
Schwachen (CWE)
CWE-284
Referenzen
http://39.106.130.187/chui/1.html(cna@vuldb.com)
https://vuldb.com/?ctiid.247889(cna@vuldb.com)
https://vuldb.com/?id.247889(cna@vuldb.com)
http://39.106.130.187/chui/1.html(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?ctiid.247889(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?id.247889(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.