Silverstripe Schwachstellen

Zeitverlauf

Typ

Content Management System	38

Produkt

SilverStripe Framework	11
SilverStripe CMS	8
SilverStripe Assets	4
Silverstripe Framework	3
SilverStripe graphql	2

Massnahmen

Official Fix	27
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	11

Ausnutzbarkeit

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	38

Zugriffsart

Not Defined	0
Physical	0
Local	0
Adjacent	3
Network	35

Authentisierung

Not Defined	0
High	0
Low	21
None	17

Benutzeraktivität

Not Defined	0
Required	20
None	18

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	4
≤5	16
≤6	8
≤7	6
≤8	3
≤9	1
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	4
≤5	17
≤6	8
≤7	6
≤8	2
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	1
≤4	13
≤5	10
≤6	7
≤7	2
≤8	5
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	12
≤7	8
≤8	0
≤9	3
≤10	1

CNA

≤1	0
≤2	1
≤3	0
≤4	1
≤5	3
≤6	2
≤7	0
≤8	2
≤9	0
≤10	0

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	12
<2k	23
<5k	3
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	38
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (14): Admin (1), Assets (4), CMS (9), CMS (2), Framework (14), Framework (2), GraphQL Server (1), Omnipay (1), asset-admin (1), ersioned-admin (1), graphql (3), registry Module (1), restfulserver Module (1), subsites (1)

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
23.01.2024	4.3	4.2	SilverStripe Admin getCheckPermissions erweiterte Rechte	Content Management System	Not Defined	Official Fix	0.00044	0.04	CVE-2023-49783
23.01.2024	4.3	4.2	SilverStripe Framework GridFieldAddExistingAutocompleter Information Disclosure	Content Management System	Not Defined	Official Fix	0.00045	0.02	CVE-2023-48714
23.01.2024	5.3	5.2	SilverStripe graphql erweiterte Rechte	Content Management System	Not Defined	Official Fix	0.00046	0.02	CVE-2023-44401
16.10.2023	6.4	6.3	Silverstripe graphql GraphQL Schema Denial of Service	Content Management System	Not Defined	Official Fix	0.00059	0.03	CVE-2023-40180
01.08.2023	4.9	4.9	Silverstripe Framework Custom Login Form erweiterte Rechte	Content Management System	Not Defined	Official Fix	0.00043	0.00	CVE-2023-32302
26.04.2023	5.6	5.6	Silverstripe Framework Link Redirect	Content Management System	Not Defined	Official Fix	0.00065	0.00	CVE-2023-22729
26.04.2023	4.8	4.7	Silverstripe Framework GridField Print View erweiterte Rechte	Content Management System	Not Defined	Official Fix	0.00063	0.00	CVE-2023-22728
16.03.2023	7.5	7.3	SilverStripe graphql Query Denial of Service	Content Management System	Not Defined	Official Fix	0.00135	0.00	CVE-2023-28104
19.12.2022	6.3	6.0	SilverStripe subsites erweiterte Rechte	Content Management System	Not Defined	Official Fix	0.00069	0.00	CVE-2022-42949
22.11.2022	3.5	3.2	SilverStripe Assets GPX File Cross Site Scripting	Content Management System	Not Defined	Official Fix	0.00075	0.00	CVE-2022-38147

28 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 28 results.

◂ ZurückÜbersichtWeiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!