Lucene search

[email protected]NVD:CVE-2023-26782

HistoryApr 28, 2023 - 8:15 p.m.

CVE-2023-26782

2023-04-2820:15:13

CWE-94

[email protected]

web.nvd.nist.gov

mccms

denial of service

vulnerability

cache security

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.8%

JSON

An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via Backend management interface ->System Configuration->Cache Configuration->Cache security characters.

Affected configurations

Nvd

Node

chshcmsmccmsMatch2.6.1

VendorProductVersionCPE
chshcmsmccms2.6.1cpe:2.3:a:chshcms:mccms:2.6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
chshcms	mccms	2.6.1	cpe:2.3:a:chshcms:mccms:2.6.1:::::::*

References

github.com/chshcms/mccms/issues/2

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.8%

JSON

Related for NVD:CVE-2023-26782

prion1 cvelist1 cve1