CVE-2023-1663 in Coverityinfo

Zusammenfassung

von MITRE • 29.03.2023

Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the downloads directory and its contents are accessible. 5.9 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C)

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Synopsys

Reservieren

27.03.2023

Veröffentlichung

29.03.2023

Moderieren

akzeptiert

Eintrag

VDB-224465

CPE

bereit

CWE

CWE-425 (bestätigt)

CVSS

5.3 (NVD)

EPSS

0.00431

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-1663
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-1663
CVE Details	https://www.cvedetails.com/cve/CVE-2023-1663/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!