Vulnerability Details : CVE-2023-38195
Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external (SQL Server or PostgreSQL) metadata storage is used. Exploitation can only occur from a high-privileged user account.
Products affected by CVE-2023-38195
- cpe:2.3:a:datalust:seq:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-38195
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 29 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-38195
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
1.2
|
3.6
|
NIST |
References for CVE-2023-38195
-
https://github.com/datalust/seq-tickets/issues/1886
CVE-2023-38195 Security issue when using external (SQL Server or PostgreSQL) metadata storage · Issue #1886 · datalust/seq-tickets · GitHubIssue Tracking;Vendor Advisory
Jump to