CVE-2023-39547

CWE-2943 documents3 sources

Severity

8.8HIGH

EPSS

0.1%

top 78.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

NEC Corporation Clusterpro X (expresscluster X)NEC Corporation Clusterpro X Singleserversafe (expresscluster X Singleserversafe)NEC Expresscluster X +1 more

Timeline

PublishedNov 17

Description

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5nec_corporation/clusterpro_x_singleserversafe_(expresscluster_x_singleserversafe)1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1

▶NVDnec/expresscluster_x_singleserversafe12 versions+11

▶CVEListV5nec_corporation/clusterpro_x_(expresscluster_x)1.0, 2.0 2.1, 3.0, 3.1, 3.2, 4.0, 4.1, 4.2, 5.0 and 5.1

▶NVDnec/expresscluster_x12 versions+11

Patches

Patch: jpn.nec.com ↗Patch: jpn.nec.com ↗

🔴Vulnerability Details

GHSA

GHSA-vrjx-2rqq-2j39: CLUSTERPRO X Ver5↗2023-11-17

▶

CVEList

CVE-2023-39547: CLUSTERPRO X Ver5↗2023-11-17

▶