Lucene search

[email protected]NVD:CVE-2023-39043

HistorySep 18, 2023 - 9:15 p.m.

CVE-2023-39043

2023-09-1821:15:55

CWE-668

[email protected]

web.nvd.nist.gov

information leak

ykc tokushima_awayokocho line

access token

crafted messages

cve-2023-39043

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

26.1%

JSON

An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

Affected configurations

Nvd

Node

ykctokushima_awayokochoMatch13.6.1line

VendorProductVersionCPE
ykctokushima_awayokocho13.6.1cpe:2.3:a:ykc:tokushima_awayokocho:13.6.1:*:*:*:*:line:*:*

Vendor	Product	Version	CPE
ykc	tokushima_awayokocho	13.6.1	cpe:2.3:a:ykc:tokushima_awayokocho:13.6.1:::::line::

References

tokushimaawayokocho.com

ykc.com

github.com/syz913/CVE-reports/blob/main/CVE-2023-39043.md

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

26.1%

JSON

Related for NVD:CVE-2023-39043

prion1 cve1 cvelist1