Apache Sling Vulnerabilità

Sequenza temporale

Versione

1.0.44
1.03
1.0.23
1.0.63
1.1.02

Contromisure

Official Fix12
Temporary Fix0
Workaround1
Unavailable0
Not Defined8

Sfruttabilità

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined21

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent2
Network19

Autenticazione

Not Defined0
High0
Low9
None12

Interazione dell'utente

Not Defined0
Required11
None10

C3BM Index

L'anno scorso

CVSSv3 Base

≤10
≤20
≤30
≤41
≤54
≤68
≤75
≤83
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤41
≤54
≤68
≤75
≤83
≤90
≤100

VulDB

≤10
≤20
≤30
≤44
≤55
≤68
≤74
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤62
≤75
≤83
≤91
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤81
≤91
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k0
<2k0
<5k0
<10k15
<25k6
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k9
<2k2
<5k4
<10k5
<25k1
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

L'anno scorso

🔴 CTI Attività

Affected Versions (84): 1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.0.11, 1.0.12, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.2, 1.3, 1.4, 1.4.1, 2.0, 2.1, 2.1.1, 2.1.4, 2.2, 2.2.1, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 2.3.15, 2.3.16, 2.3.17, 2.3.18, 2.3.19, 2.3.21, 2.4, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.5.9, 2.5.11, 2.5.12, 2.5.13, 2.5.14, 2.5.15, 2.5.16, 2.5.17, 2.5.18, 2.6, 2.6.1, 2.7, 2.8, 2.9, 2.10, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.1.9, 3.1.11

Link to Product Website: https://www.apache.org/

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
06/02/20247.47.3Apache Sling Servlets Resolver Script directory traversal$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-23673
15/05/20237.67.6Apache Sling Commons JSON Bundle escalazione di privilegi$5k-$25k$5k-$25kNot DefinedWorkaround0.02CVE-2022-47937
13/04/20233.53.5Apache Sling cross site scripting$5k-$25k$0-$5kNot DefinedNot Defined0.00CVE-2022-45064
20/03/20236.46.3Apache Sling Resource Merger denial of service$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-26513
23/02/20236.46.2Apache Sling i18n Dictionary escalazione di privilegi$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-25621
14/02/20236.96.7Apache Sling JCR Base RepositoryAccessor getRepositoryFromURL escalazione di privilegi$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-25141
05/02/20234.84.7Apache Sling App CMS cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-22849
09/01/20234.44.4Apache Sling CMS Group Details cross site scripting$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2022-46769
02/11/20224.44.4Apache Sling App CMS Taxonomy Management cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-43670
22/06/20225.55.5Apache Sling Commons Log/Sling API escalazione di privilegi$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2022-32549

11 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 11 results.

altre voci di Apache

PrecedenteVisione D'insiemeIl prossimo

Do you know our Splunk app?

Download it now for free!