CVE-2023-2590Missing Authorization in Answer

CWE-862Missing Authorization4 documents3 sources
Severity
3.5LOWNVD
EPSS
0.1%
top 79.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Answerdev AnswerGithub.com Answerdev AnswerAnswer
Timeline
PublishedMay 9
Latest updateAug 20

Description

Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages3 packages

CVEListV5answerdev/answerdev_answerunspecified1.0.9
NVDanswer/answer< 1.0.9

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

3
OSV
Answer Missing Authorization vulnerability in github.com/answerdev/answer2024-08-20
OSV
Answer Missing Authorization vulnerability2023-05-09
GHSA
Answer Missing Authorization vulnerability2023-05-09