Lucene search
@huntrdevCVE-2023-2881HistoryMay 25, 2023 - 9:15 a.m.
CVE-2023-2881
2023-05-2509:15:11
CWE-522
CWE-257
@huntrdev
web.nvd.nist.gov
29
cve-2023-2881
password storage
github
nvd
security issue
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
45.5%
Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
Affected configurations
Node
pimcorecustomer-data-frameworkRange<3.3.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pimcore | customer-data-framework | * | cpe:2.3:a:pimcore:customer-data-framework:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "pimcore",
"product": "pimcore/customer-data-framework",
"versions": [
{
"version": "unspecified",
"lessThan": "3.3.10",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
github
github
Pimcore customers' list user password hash is disclosed
2023-05-25 16:57:01
nvd
nvd
CVE-2023-2881
2023-05-25 09:15:11
huntr
huntr
all user password hash is disclosed
2023-05-02 14:41:33
osv
osv
Pimcore customers' list user password hash is disclosed
2023-05-25 16:57:01
CVE-2023-2881
2023-05-25 09:15:11
prion
prion
Format string
2023-05-25 09:15:00
cvelist
cvelist
veracode
veracode
Password Hash Disclosure
2023-06-08 06:52:39
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
45.5%
Related for CVE-2023-2881