Lucene search

[email protected]CVE-2023-5948

HistoryNov 03, 2023 - 7:15 a.m.

CVE-2023-5948

2023-11-0307:15:14

CWE-285

[email protected]

web.nvd.nist.gov

cve-2023-5948

improper authorization

github

repository

teamamaze

amazefileutilities

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

JSON

Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.

Affected configurations

NVD

Node

teamamazeamaze_file_utilitiesRange<1.90android

CPENameOperatorVersion
teamamaze:amaze_file_utilitiesteamamaze amaze file utilitieslt1.90

CPE	Name	Operator	Version
teamamaze:amaze_file_utilities	teamamaze amaze file utilities	lt	1.90

CNA Affected

[
  {
    "vendor": "teamamaze",
    "product": "teamamaze/amazefileutilities",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.91",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/teamamaze/amazefileutilities/commit/62d02204d452603ab85c50d43c7c680e4256c7d7

huntr.com/bounties/ac1363b5-207b-40d9-aac5-e66d6213f692

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

JSON

Related for CVE-2023-5948

osv1 nvd1 prion1 cvelist1