CVE-2023-27088
Published Mar 8, 2023
Last updated 2 years ago
Overview
- Description
- feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:feiqu-opensource_project:feiqu-opensource:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21F13408-94A5-4253-9BFF-02F1D503C0F5"
}
],
"operator": "OR"
}
]
}
]