admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-401xx/CVE-2023-40173.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

136 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-40173",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-18T22:15:11.127",
"lastModified": "2024-11-21T08:18:55.597",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue."
},
{
"lang": "es",
"value": "Social media skeleton es un proyecto/framework de social media sin completar implementado usando php, css, javascript y html. Antes de la versi\u00f3n 1.0.5 Social media skeleton no salteaba correctamente las contrase\u00f1as dejando las contrase\u00f1as de los usuarios susceptibles de ser crackeadas si un atacante obten\u00eda acceso a las contrase\u00f1as salteadas. Este problema se ha solucionado en la versi\u00f3n 1.0.5 y se recomienda a los usuarios que la actualicen. No se conocen soluciones para este problema. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fobybus:social-media-skeleton:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "C6B65799-63F2-4F3B-B6F8-BF9DD02EAB93"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fobybus/social-media-skeleton/commit/df31da44ffed3ea065cbbadc3c8052d0d489a2ef",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-rfmv-7m7g-v628",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fobybus/social-media-skeleton/commit/df31da44ffed3ea065cbbadc3c8052d0d489a2ef",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-rfmv-7m7g-v628",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink