Vulnerability Details : CVE-2023-27319
ONTAP Mediator versions prior to 1.7 are susceptible to a
vulnerability that can allow an unauthenticated attacker to enumerate
URLs via REST API.
Products affected by CVE-2023-27319
- cpe:2.3:a:netapp:ontap_mediator:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-27319
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 40 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-27319
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
NIST | 2024-01-03 |
|
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
NetApp, Inc. |
CWE ids for CVE-2023-27319
-
The product generates an error message that includes sensitive information about its environment, users, or associated data.Assigned by:
- nvd@nist.gov (Primary)
- security-alert@netapp.com (Secondary)
References for CVE-2023-27319
-
https://security.netapp.com/advisory/ntap-20231221-0011/
CVE-2023-27319 Information Disclosure Vulnerability in ONTAP Mediator | NetApp Product SecurityVendor Advisory
Jump to