CVE-2023-23330

Status: Modified
Last modified: 07-11-2023
Published: 28-03-2023
7.5

SUMMARY CVE-2023-23330

amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion.

Access CVSS3 CVE-2023-23330

Attack Complexity Attack Vector Privileges Required Scope User Interaction
LOW NETWORK NONE UNCHANGED NONE

Impact CVSS3 CVE-2023-23330

Confidentiality Integrity Availability
HIGH NONE NONE

Details CVE-2023-23330

EPSS 0.00152
EPSS % 0.52144
References
CWE CWE-552
CAPEC
  • Collect Data from Common Resource Locations: An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
  • Probe System Files: An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.
Vulnerable Configurations
  • cpe:2.3:a:amano:xoffice:7.1.3879:*:*:*:*:*:*:*
    cpe:2.3:a:amano:xoffice:7.1.3879:*:*:*:*:*:*:*
CVSS3 Source nvd@nist.gov
CVSS3 Type Primary
CVSS3 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

ATOM RSS Feed Link for CVE Vulnerabilities

CVE Data Propulsed by AKAOMA CyberSecurity