CVE-2023-5913

Published Nov 8, 2023

Last updated 2 months ago

CVSS critical 9.8

Overview

Description: Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.
Source: security@opentext.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
security@opentext.com: CWE-266
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-266

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5578907C-9142-461B-88F3-D4510D57E23A"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDE09FF8-AFDD-4F5E-AF44-FFE8854F5763"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:21.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EF4C5A3-E698-469A-A8AB-223AC6013B1C"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0926D3A0-76B2-435C-B691-58B51EDF81B7"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "956F2EB1-BF27-4F42-A325-E9F91EF60E5D"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:22.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DA67A67-DC1E-4FC0-8A9B-8A2192E939BB"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:fortify_scancentral_dast:23.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BFD11CE-87C4-40A2-A6EA-80CF1D465F4B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References