Lucene search
HistoryJan 25, 2024 - 9:15 p.m.
CVE-2023-52251
provectus kafka-ui
code execution
remote attack
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9
Confidence
High
EPSS
0.945
Percentile
99.3%
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.
Affected configurations
Node
provectusuiRange0.4.0–0.7.1kafka
Related
prion
prion
Code injection
2024-01-25 21:15:00
nuclei
nuclei
Kafka UI 0.7.1 Command Injection
2024-03-14 08:49:09
osv
osv
CVE-2023-52251
2024-01-25 21:15:08
zdt
zdt
Kafka UI 0.7.1 Command Injection Exploit
2024-02-20 00:00:00
metasploit
metasploit
githubexploit
githubexploit
Exploit for Code Injection in Provectus Ui
2024-01-06 11:07:36
cvelist
cvelist
CVE-2023-52251
2024-01-25 00:00:00
cve
cve
CVE-2023-52251
2024-01-25 21:15:08
packetstorm
packetstorm
Kafka UI 0.7.1 Command Injection
2024-02-20 00:00:00
github
github
3 ways to get Remote Code Execution in Kafka UI
2024-07-22 15:00:59
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 02/23/2024
2024-02-23 17:50:39
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9
Confidence
High
EPSS
0.945
Percentile
99.3%
Related for NVD:CVE-2023-52251