Vulnerability Details : CVE-2023-5830
A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This affects an unknown part of the file /api/authentication/login of the component WebTools. The manipulation of the argument Server leads to improper authentication. It is possible to initiate the attack remotely. Upgrading to version 7.2 SP4 and 2021.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-243729 was assigned to this vulnerability.
Vulnerability category: BypassGain privilege
Products affected by CVE-2023-5830
- cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:*
- cpe:2.3:a:documentlocator:document_locator:7.2:-:*:*:*:*:*:*
- cpe:2.3:a:documentlocator:document_locator:7.2:sp3:*:*:*:*:*:*
- cpe:2.3:a:documentlocator:document_locator:21:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-5830
0.86%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-5830
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
VulDB | |
7.3
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
3.9
|
3.4
|
VulDB | |
7.3
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
3.9
|
3.4
|
VulDB | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2023-5830
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: cna@vuldb.com (Primary)
References for CVE-2023-5830
-
https://vuldb.com/?ctiid.243729
CVE-2023-5830: ColumbiaSoft Document Locator WebTools login improper authenticationPermissions Required
-
https://vuldb.com/?id.243729
CVE-2023-5830: ColumbiaSoft Document Locator WebTools login improper authenticationThird Party Advisory
Jump to