CVE-2023-5457 : A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in

A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.

Published 2024-03-05 12:15:48

Updated 2024-03-05 13:41:02

Source Nozomi Networks Inc.

View at NVD, CVE.org

Products affected by CVE-2023-5457

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-5457

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 28 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-5457

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	Nozomi Networks Inc.	2024-03-05
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2023-5457

CWE-1269 Product Released in Non-Release Configuration

The product released to market is released in pre-production or manufacturing configuration.

Assigned by: prodsec@nozominetworks.com (Secondary)

References for CVE-2023-5457

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-5457

CVE-2023-5457 | Nozomi Networks Labs

Jump to

Vulnerability Details : CVE-2023-5457

Products affected by CVE-2023-5457

Exploit prediction scoring system (EPSS) score for CVE-2023-5457

CVSS scores for CVE-2023-5457

CWE ids for CVE-2023-5457

References for CVE-2023-5457