CVE-2023-32313 — Vulnetix

CVE-2023-32313 PUBLISHED

Es besteht eine Schwachstelle in vm2 bezüglich der "console.log". Ein Angreifer kann einen Lese- und Schreibzugriff auf die Methode "node inspect" erhalten und anschließend die Optionen für "console.log" manipulieren.

EPSS 0.58% · 69.1th percentile

Risk Scores

EPSS Score

0.58%

69.1th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux Advanced Cluster Management for Kubernetes 2
Red Hat	Red Hat Enterprise Linux

Timeline

May 15, 2023 CVE Published
May 16, 2023 EPSS Score
May 16, 2023 PoC Published
May 24, 2023 CVE Updated
Jun 21, 2023 EPSS Score
Jul 28, 2023 EPSS Score
Oct 9, 2023 EPSS Score
Nov 14, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Jan 26, 2024 EPSS Score
Mar 3, 2024 EPSS Score
Apr 8, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1217.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1217 advisory
https://access.redhat.com/errata/RHSA-2023:3356 advisory
https://access.redhat.com/errata/RHSA-2023:3353 advisory
https://access.redhat.com/errata/RHSA-2023:3326 advisory
https://access.redhat.com/errata/RHSA-2023:3325 advisory
https://access.redhat.com/errata/RHSA-2023:3297 advisory
https://access.redhat.com/errata/RHSA-2023:3296 advisory
https://github.com/patriksimek/vm2/security/advisories/GHSA-whpj-8f3w-67p5 advisory
https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v advisory

Open in Interactive Console →