PT-2024-13453 · Unknown · Springblade
Mr-F0Reigner
·
Published
2024-01-02
·
Updated
2024-01-08
·
CVE-2023-47458
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SpringBlade versions 3.7.0 and earlier
Description
An issue in the software allows a remote attacker to escalate privileges via the lack of permissions control framework. This enables the attacker to gain elevated access without proper authorization.
Recommendations
For SpringBlade versions 3.7.0 and earlier, update to a version that includes a fix for the lack of permissions control framework to prevent privilege escalation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Springblade