Lucene search

GoogleOSV:CVE-2023-39519

HistoryAug 24, 2023 - 11:15 p.m.

CVE-2023-39519

2023-08-2423:15:08

Google

osv.dev

cloud explorer lite

sensitive information leakage

user information acquisition

vulnerability

fixed

software

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.1%

JSON

Cloud Explorer Lite is an open source cloud management platform. Prior to version 1.4.0, there is a risk of sensitive information leakage in the user information acquisition of CloudExplorer Lite. The vulnerability has been fixed in version 1.4.0.

CPENameOperatorVersion
cloudexplorer-liteeq0.3.3
cloudexplorer-liteeq1.3.0
cloudexplorer-liteeq1.0.1
cloudexplorer-liteeq0.4.2
cloudexplorer-liteeq1.1.0
cloudexplorer-liteeq0.4.1
cloudexplorer-liteeq0.1
cloudexplorer-liteeq0.3.1
cloudexplorer-liteeq0.4.0
cloudexplorer-liteeq0.3.0

Name	Operator	Version
cloudexplorer-lite	eq	0.3.3
cloudexplorer-lite	eq	1.3.0
cloudexplorer-lite	eq	1.0.1
cloudexplorer-lite	eq	0.4.2
cloudexplorer-lite	eq	1.1.0
cloudexplorer-lite	eq	0.4.1
cloudexplorer-lite	eq	0.1
cloudexplorer-lite	eq	0.3.1
cloudexplorer-lite	eq	0.4.0
cloudexplorer-lite	eq	0.3.0

Rows per page:

1-10 of 151

References

github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.4.0

github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-hh2g-77xq-x4vq

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.1%

JSON

Related for OSV:CVE-2023-39519