Vulnerability Details : CVE-2023-29944
Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench
Products affected by CVE-2023-29944
- cpe:2.3:a:metersphere:metersphere:1.20.20-lts-79d354a6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-29944
0.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-29944
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2023-29944
-
https://github.com/metersphere/metersphere
GitHub - metersphere/metersphere: MeterSphere 是一站式开源持续测试平台,覆盖测试管理、接口测试、UI 测试和性能测试等。搞测试,就选 MeterSphere!Product
Jump to