CVE-2023-6899 - CERT CVE
ID CVE-2023-6899
Sažetak A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by this vulnerability is an unknown functionality of the file /settings/save_config of the component Config Handler. The manipulation of the argument value_template leads to code injection. The exploit has been disclosed to the public and may be used. The identifier VDB-248257 was assigned to this vulnerability.
Reference
CVSS
Base: 4.7
Impact: 6.4
Exploitability:4.1
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW MULTIPLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:L/Au:M/C:P/I:P/A:P
Zadnje važnije ažuriranje 20-12-2023 - 20:29
Objavljeno 17-12-2023 - 13:15