CVE-2023-34865

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 14, 2023

Updated: Jun 22, 2023

CWE ID 22

Summary

CVE-2023-34865 is a directory traversal vulnerability affecting ujcms version 6.0.2. Malicious actors can exploit this weakness by manipulating the rename feature to move files outside of the intended directory, potentially gaining unauthorized access or disclosing sensitive data. This issue poses a significant risk to systems running the affected software and requires immediate attention to apply the available patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ro29Va
https://www.cve.org/CVERecord?id=CVE-2023-34865
https://nvd.nist.gov/vuln/detail/CVE-2023-34865

Back to Vulnerability Database

CVE-2023-34865

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations