CVE-2023-36301

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 26, 2023

Updated: Jul 13, 2023

CWE ID 22

Summary

CVE-2023-36301 is a newly disclosed vulnerability that affects Talend Data Catalog versions prior to 8.0-20230221. This issue involves a directory traversal vulnerability in the HeaderImageServlet component. An attacker could exploit this flaw by manipulating image file requests to potentially gain unauthorized access to sensitive data or execute malicious code. Organizations using Talend Data Catalog are recommended to upgrade to the latest version immediately to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Talend

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ryFecQ
https://www.cve.org/CVERecord?id=CVE-2023-36301
https://nvd.nist.gov/vuln/detail/CVE-2023-36301

Back to Vulnerability Database

CVE-2023-36301

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations