CVE-2023-38195

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Jul 22, 2023

Updated: Aug 1, 2023

Summary

CVE-2023-38195 is a vulnerability affecting Datalust Seq before version 2023.2.9489. This issue allows a high-privileged user to insert sensitive information into an externally accessible file or directory, which can be exploited if the software uses external metadata storage with SQL Server or PostgreSQL. The vulnerability does not pose a threat under regular circumstances, but when exploited, it can lead to potential data exposure. It is crucial to update to the latest version of Datalust Seq to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Datalust Seq

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r-R3tW
https://www.cve.org/CVERecord?id=CVE-2023-38195
https://nvd.nist.gov/vuln/detail/CVE-2023-38195

Back to Vulnerability Database

CVE-2023-38195

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations