Lucene search
@huntrdevCVE-2023-4877HistorySep 10, 2023 - 1:15 a.m.
CVE-2023-4877
2023-09-1001:15:08
CWE-200
@huntrdev
web.nvd.nist.gov
34
cve-2023-4877
information security
github
sensitive information
unauthorized access
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.3
Confidence
High
EPSS
0.001
Percentile
49.2%
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92.
Affected configurations
Node
hamza417inureRange<build92android
CNA Affected
[
{
"vendor": "hamza417",
"product": "hamza417/inure",
"versions": [
{
"version": "unspecified",
"lessThan": "build92",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
huntr
huntr
Android Manifest Misconfiguration Leading to Task Hijacking
2023-08-20 19:39:00
osv
osv
CVE-2023-4877
2023-09-10 01:15:08
nvd
nvd
CVE-2023-4877
2023-09-10 01:15:08
prion
prion
Hardcoded credentials
2023-09-10 01:15:00
cvelist
cvelist
vulnrichment
vulnrichment
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.3
Confidence
High
EPSS
0.001
Percentile
49.2%
Related for CVE-2023-4877