
{
"id": "CVE-2023-46694",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-28T20:16:20.743",
"lastModified": "2024-11-21T08:29:05.667",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the CKEditor file manager functionality."
},
{
"lang": "es",
"value": "Vtenext 21.02 permite a un atacante autenticado cargar archivos arbitrarios, lo que potencialmente le permite ejecutar comandos remotos. Esta falla existe debido a que la aplicaci\u00f3n no aplica los controles de autenticaci\u00f3n adecuados al acceder a la funcionalidad del administrador de archivos de CKEditor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/invisiblebyte/CVE-2023-46694",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/invisiblebyte/CVE-2023-46694",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}