CVE-2023-3574

CVSS 3.0 Score 8.8 of 10 (high)

Details

Published Jul 10, 2023

Updated: Jul 19, 2023

CWE ID 121

Summary

CVE-2023-3574 represents a security vulnerability in the GitHub repository pimcore/customer-data-framework, specifically affecting versions prior to 3.4.1. This issue involves improper authorization, allowing unauthorized users to gain access to restricted data or functionalities within the repository. The consequences of exploitation could potentially lead to data breaches or unintended modifications. It is highly recommended that users of this repository upgrade to the latest version, 3.4.1 or above, to mitigate this risk. Failure to do so may expose organizations to potential security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v0X_zs
https://www.cve.org/CVERecord?id=CVE-2023-3574
https://nvd.nist.gov/vuln/detail/CVE-2023-3574

Back to Vulnerability Database

CVE-2023-3574

CVSS 3.0 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations