← Retour aux CVEs
CVE-2023-41892
CRITICAL10.0
Description
Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.
Details CVE
Score CVSS v3.110.0
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie9/13/2023
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
craftcms:craft_cms
Faiblesses (CWE)
CWE-94
References
http://packetstormsecurity.com/files/176303/Craft-CMS-4.4.14-Remote-Code-Execution.html(security-advisories@github.com)
https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4415---2023-07-03-critical(security-advisories@github.com)
https://github.com/craftcms/cms/commit/7359d18d46389ffac86c2af1e0cd59e37c298857(security-advisories@github.com)
https://github.com/craftcms/cms/commit/a270b928f3d34ad3bd953b81c304424edd57355e(security-advisories@github.com)
https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1(security-advisories@github.com)
https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1#diff-47dd43d86f85161944dfcce2e41d31955c4184672d9bd9d82b948c6b01b86476(security-advisories@github.com)
https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g(security-advisories@github.com)
http://packetstormsecurity.com/files/176303/Craft-CMS-4.4.14-Remote-Code-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4415---2023-07-03-critical(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/craftcms/cms/commit/7359d18d46389ffac86c2af1e0cd59e37c298857(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/craftcms/cms/commit/a270b928f3d34ad3bd953b81c304424edd57355e(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1#diff-47dd43d86f85161944dfcce2e41d31955c4184672d9bd9d82b948c6b01b86476(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.