CVE-2023-24841 - CERT CVE
ID CVE-2023-24841
Sažetak HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or disrupt service.
Reference
CVSS
Base: 7.2
Impact: 5.9
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 30-03-2023 - 17:54
Objavljeno 27-03-2023 - 04:15