PT-2023-24306 · Icecms · Icecms

Publicado

2023-05-25

Atualizado

2025-01-16

CVE-2023-33355

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IceCMS version 1.0.0

Description The issue is related to Insecure Permissions, allowing unauthorized access to the API. This results in the disclosure of sensitive information.

Recommendations For IceCMS version 1.0.0, consider restricting access to the API as a temporary workaround until a patch is available. Additionally, review and update the permission settings to prevent unauthorized access.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-33355

Produtos afetados

Icecms

PT-2023-24306 · Icecms · Icecms

CVE-2023-33355

Identificadores relacionados

Produtos afetados

Referências · 4