nvd-json-data-feeds/CVE-2023/CVE-2023-513xx/CVE-2023-51380.json

{
  "id": "CVE-2023-51380",
  "sourceIdentifier": "product-cna@github.com",
  "published": "2023-12-21T21:15:13.757",
  "lastModified": "2023-12-21T21:15:13.757",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "product-cna@github.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.7,
          "baseSeverity": "LOW"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "product-cna@github.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
      "source": "product-cna@github.com"
    },
    {
      "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
      "source": "product-cna@github.com"
    },
    {
      "url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
      "source": "product-cna@github.com"
    },
    {
      "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
      "source": "product-cna@github.com"
    },
    {
      "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
      "source": "product-cna@github.com"
    }
  ]
}