CVE-2023-20853 in a+HRDinformación

Resumen

por MITRE • 2023-04-27

aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ asynchronized message process. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

TWCERT/CC

Reservar

2022-10-31

Divulgación

2023-04-27

Moderación

aceptado

Artículo

VDB-227549

CPE

listo

CWE

CWE-502 (confirmado)

CVSS

9.8 (CNA)

EPSS

0.00998

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-20853
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-20853
CVE Details	https://www.cvedetails.com/cve/CVE-2023-20853/

◂ Anterior Visión De Conjunto Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!