CVE-2023-39376

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Sep 27, 2023

CWE ID 284

Summary

CVE-2023-39376 is a vulnerability affecting SiberianCMS, where an authorized user can disable a security feature remotely, due to improper access control (CWE-284). This issue grants unintended privileges, potentially enabling attackers to bypass protective measures, and could result in unauthorized access or data breaches. It is crucial for SiberianCMS users to apply the necessary patches or upgrades to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siberian CMS

Affected Vendors

Siberiancms

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sKgOb5
https://www.cve.org/CVERecord?id=CVE-2023-39376
https://nvd.nist.gov/vuln/detail/CVE-2023-39376

Back to Vulnerability Database