CVE-2023-41966

High

The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a…

icscert·CWE-267·Published 2023-10-26

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

174 chars

The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter.

NVDen

174 chars

The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter.

La aplicación sufre una vulnerabilidad de escalada de privilegios. Un usuario con permisos de lectura puede elevar sus privilegios enviando un HTTP POST para establecer un parámetro.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
3.1	Secondary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N