CVE-2023-33884

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 12, 2023

Updated: Jul 19, 2023

CWE ID 862

Summary

CVE-2023-33884 is a vulnerability in telephony service that lacks a permission check, potentially allowing for local information disclosure without the need for additional execution privileges. The affected products include bQe5zt, lAMRr5, sYyJEm, sYyJEl, fWGaF5, s23HS_, nn8kgA, and sYyJE8. The risk score is 26 out of 100, indicating a medium severity level. The base score is 5.5 out of 10, with a low privilege requirement and no user interaction needed. The attack vector is local and the confidentiality impact is high. Remediation measures are not specified in the given information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r9raBV
https://www.cve.org/CVERecord?id=CVE-2023-33884
https://nvd.nist.gov/vuln/detail/CVE-2023-33884

Back to Vulnerability Database

CVE-2023-33884

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations