CVE-2023-29375
Published Apr 10, 2023
Last updated 2 years ago
Overview
- Description
- An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- nvd@nist.gov
- CWE-434
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50BB226D-409D-4549-931E-D6668E27CDDE",
"versionEndExcluding": "13.3.7646",
"versionStartIncluding": "13.3"
},
{
"criteria": "cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FA25F74-CF2D-4126-91F3-F60C27699AF9",
"versionEndExcluding": "14.0.7736",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C672393B-15D3-4D0B-AA66-FA741EE74A60",
"versionEndExcluding": "14.1.7826",
"versionStartIncluding": "14.1"
},
{
"criteria": "cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "280EAD40-FC61-4DFC-9B4D-6600CA48DC05",
"versionEndExcluding": "14.2.7930",
"versionStartIncluding": "14.2"
},
{
"criteria": "cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80A1112E-32F1-4A99-9517-15EC1BBF3ED3",
"versionEndExcluding": "14.3.8026",
"versionStartIncluding": "14.3"
}
],
"operator": "OR"
}
]
}
]