CVE-2023-3253

CWE-863Incorrect Authorization3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 57.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenable Nessus
Timeline
PublishedAug 29

Description

An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5tenable/nessus< 10.6.0
NVDtenable/nessus< 10.6.0

🔴Vulnerability Details

2
GHSA
GHSA-76cq-86p6-8q56: An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in2023-08-29
CVEList
Improper authorization in Nessus2023-08-29
CVE-2023-3253 (MEDIUM CVSS 4.3) | An improper authorization vulnerabi | cvebase.io