CVE-2023-3227

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jun 14, 2023

Updated: Jun 17, 2023

CWE ID 787

Summary

CVE-2023-3227 is a vulnerability affecting the GitHub repository fossbilling/fossbilling before version 0.5.0. The issue involves insufficient granularity of access control, posing a risk to unauthorized modification or deletion of files. Attackers could exploit this flaw to gain unintended access to repository data or even manipulate the application's functionality. This vulnerability emphasizes the importance of implementing fine-grained access control to protect sensitive information. Users are advised to update to the latest version of fossbilling to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fuji Electric TELLUS

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rj37j_
https://www.cve.org/CVERecord?id=CVE-2023-3227
https://nvd.nist.gov/vuln/detail/CVE-2023-3227

Back to Vulnerability Database

CVE-2023-3227

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations