216.73.216.133

CVE-2023-7240

· Published 07/05/2024 13:15 · Modified 07/05/2024 13:39

Labels: CVE-2023-7240 2024-05-07CVE-2023-7240CWE-20[email protected]

Essential information

Published
07/05/2024 13:15
Modified
07/05/2024 13:39
Author
Creator
CVSS
5.8 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CVSS metrics

Description

 An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows to perform open services enumeration. Server makes query to provided server (Server IP/DNS field) and is triggering connection to arbitrary address.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References