mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
129 lines
5.2 KiB
JSON
129 lines
5.2 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-7193",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found in MTab Bookmark up to 1.2.6 and classified as critical. This issue affects some unknown processing of the file public/install.php of the component Installation. The manipulation leads to improper access controls. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249395. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Eine kritische Schwachstelle wurde in MTab Bookmark bis 1.2.6 gefunden. Davon betroffen ist unbekannter Code der Datei public/install.php der Komponente Installation. Durch die Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Die Ausnutzbarkeit gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-284 Improper Access Controls",
|
|
"cweId": "CWE-284"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "MTab",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Bookmark",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.2.6"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.249395",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.249395"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.249395",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.249395"
|
|
},
|
|
{
|
|
"url": "https://note.zhaoj.in/share/StNQi1dYnB5w",
|
|
"refsource": "MISC",
|
|
"name": "https://note.zhaoj.in/share/StNQi1dYnB5w"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "glzjin (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 4.6,
|
|
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 4.6,
|
|
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 4,
|
|
"vectorString": "AV:A/AC:H/Au:S/C:P/I:P/A:P"
|
|
}
|
|
]
|
|
}
|
|
} |