2023-07-16 02:00:50 +00:00
|
|
|
{
|
|
|
|
|
"id": "CVE-2023-3692",
|
|
|
|
|
"sourceIdentifier": "security@huntr.dev",
|
|
|
|
|
"published": "2023-07-16T01:15:09.893",
|
2023-07-17 14:01:28 +00:00
|
|
|
"lastModified": "2023-07-17T13:02:42.053",
|
|
|
|
|
"vulnStatus": "Awaiting Analysis",
|
2023-07-16 02:00:50 +00:00
|
|
|
"descriptions": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "en",
|
|
|
|
|
"value": "Unrestricted Upload of File with Dangerous Type in GitHub repository admidio/admidio prior to 4.2.10."
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"metrics": {
|
|
|
|
|
"cvssMetricV30": [
|
|
|
|
|
{
|
|
|
|
|
"source": "security@huntr.dev",
|
|
|
|
|
"type": "Secondary",
|
|
|
|
|
"cvssData": {
|
|
|
|
|
"version": "3.0",
|
|
|
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
|
|
|
|
|
"attackVector": "NETWORK",
|
|
|
|
|
"attackComplexity": "LOW",
|
|
|
|
|
"privilegesRequired": "HIGH",
|
|
|
|
|
"userInteraction": "NONE",
|
|
|
|
|
"scope": "UNCHANGED",
|
|
|
|
|
"confidentialityImpact": "HIGH",
|
|
|
|
|
"integrityImpact": "HIGH",
|
|
|
|
|
"availabilityImpact": "LOW",
|
|
|
|
|
"baseScore": 6.7,
|
|
|
|
|
"baseSeverity": "MEDIUM"
|
|
|
|
|
},
|
|
|
|
|
"exploitabilityScore": 1.2,
|
|
|
|
|
"impactScore": 5.5
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"weaknesses": [
|
|
|
|
|
{
|
|
|
|
|
"source": "security@huntr.dev",
|
|
|
|
|
"type": "Primary",
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "en",
|
|
|
|
|
"value": "CWE-434"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"references": [
|
|
|
|
|
{
|
|
|
|
|
"url": "https://github.com/admidio/admidio/commit/d66585d14b1160712a8a9bfaf9769dd3da0e9a83",
|
|
|
|
|
"source": "security@huntr.dev"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"url": "https://huntr.dev/bounties/be6616eb-384d-40d6-b1fd-0ec9e4973f12",
|
|
|
|
|
"source": "security@huntr.dev"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
