Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveOpenTextCVE-2023-4553
HistoryJan 29, 2024 - 9:15 p.m.

CVE-2023-4553

2024-01-2921:15:09
CWE-20
OpenText
web.nvd.nist.gov
25
cve-2023-4553
improper input validation
opentext appbuilder
windows
linux
probe system files
configuration files
unauthorized access

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

20.5%

JSON

Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files.

AppBuilder configuration files are viewable by unauthenticated users.

This issue affects AppBuilder: from 21.2 before 23.2.

Affected configurations

Nvd
Node
opentextappbuilderRange21.223.2
AND
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
VendorProductVersionCPE
opentextappbuilder*cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "Linux"
    ],
    "product": "AppBuilder",
    "vendor": "OpenText",
    "versions": [
      {
        "status": "unaffected",
        "version": "23.2"
      },
      {
        "lessThan": "23.2",
        "status": "affected",
        "version": "21.2",
        "versionType": "custom"
      }
    ]
  }
]

Related

vulnrichment 1
cvelist 1
prion 1
nvd 1
vulnrichment
vulnrichment
CVE-2023-4553 Unauthenticated Access to AppBuilder Configuration Files
2024-01-29 20:56:45
cvelist
cvelist
CVE-2023-4553 Unauthenticated Access to AppBuilder Configuration Files
2024-01-29 20:56:45
prion
prion
Input validation
2024-01-29 21:15:00
nvd
nvd
CVE-2023-4553
2024-01-29 21:15:09

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

20.5%

JSON
Related for CVE-2023-4553
vulnrichment1cvelist1prion1nvd1