Lucene search

AutodeskCVE-2023-41145

HistoryNov 22, 2023 - 7:15 a.m.

CVE-2023-41145

2023-11-2207:15:07

autodesk

web.nvd.nist.gov

autodesk

license

access

nvd

security

account

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Autodesk users who no longer have an active license for an account can still access cases for that account.

Affected configurations

Nvd

Node

autodeskcustomer_portalMatch-

VendorProductVersionCPE
autodeskcustomer_portal-cpe:2.3:a:autodesk:customer_portal:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
autodesk	customer_portal	-	cpe:2.3:a:autodesk:customer_portal:-:::::::*

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Customer Portal",
    "vendor": "Autodesk",
    "versions": [
      {
        "status": "unknown",
        "version": "0"
      }
    ]
  }
]

References

www.autodesk.com/trust/security-advisories/adsk-sa-2023-0020

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Related for CVE-2023-41145