Lucene search

INCDCVELIST:CVE-2023-24499

HistoryFeb 15, 2023 - 12:00 a.m.

CVE-2023-24499 Butterfly Button plugin may leave traces of its use on user's device

2023-02-1500:00:00

INCD

www.cve.org

cve-2023-24499

butterfly button plugin

traces

user's device

reporting domestic problems

spouse

knowing

CVSS3

4.3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

Butterfly Button plugin may leave traces of its use on user’s device. Since it is used for reporting domestic problems, this may lead to spouse knowing about its use.

CNA Affected

[
  {
    "vendor": "Butterfly Button",
    "product": "Butterfly Button plugin",
    "versions": [
      {
        "version": ".",
        "status": "affected"
      }
    ]
  }
]

References

www.gov.il/en/Departments/faq/cve_advisories

CVSS3

4.3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

Related for CVELIST:CVE-2023-24499