Lucene search

[email protected]CVE-2023-39519

HistoryAug 24, 2023 - 11:15 p.m.

CVE-2023-39519

2023-08-2423:15:08

CWE-200

[email protected]

web.nvd.nist.gov

cve-2023-39519

cloud explorer lite

open source

cloud management

sensitive information leakage

risk

version 1.4.0

vulnerability fix

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.3%

JSON

Cloud Explorer Lite is an open source cloud management platform. Prior to version 1.4.0, there is a risk of sensitive information leakage in the user information acquisition of CloudExplorer Lite. The vulnerability has been fixed in version 1.4.0.

Affected configurations

Vulners

NVD

Node

cloudexplorer-devcloudexplorer_liteRange<1.4.0

CPENameOperatorVersion
fit2cloud:cloudexplorer_litefit2cloud cloudexplorer litelt1.4.0

CPE	Name	Operator	Version
fit2cloud:cloudexplorer_lite	fit2cloud cloudexplorer lite	lt	1.4.0

CNA Affected

[
  {
    "vendor": "CloudExplorer-Dev",
    "product": "CloudExplorer-Lite",
    "versions": [
      {
        "version": "< 1.4.0",
        "status": "affected"
      }
    ]
  }
]

References

github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.4.0

github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-hh2g-77xq-x4vq

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.3%

JSON

Related for CVE-2023-39519

osv1 prion1 cvelist1 nvd1