PT-2023-4921 · Artbees · Artbees Jupiterx Core

Rafie Muhammad

Publicado

2023-08-25

Atualizado

2024-06-24

CVE-2023-38389

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Artbees JupiterX Core versions n/a through 3.3.8

Description The issue is related to incorrect authorization in Artbees JupiterX Core, allowing access to functionality not properly constrained by ACLs. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. Approximately 4,731,865 results are affected, and around 180,000 Wordpress sites are infected.

Recommendations For Artbees JupiterX Core versions n/a through 3.3.8, update to a version later than 3.3.8 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable functionality until a patch is available. Avoid using the vulnerable plugin until the issue is resolved.

Exploit

Correção

Incorrect Authorization

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863CWE-269

Identificadores relacionados

BDU:2023-05433

CVE-2023-38389

Produtos afetados

Artbees Jupiterx Core

PT-2023-4921 · Artbees · Artbees Jupiterx Core

CVE-2023-38389

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 20