VDB
CVE-2023-40787
CVE-2023-40787
PUBLISHED
CVSS 9.800000190734863 CRITICAL
SpringBlade vulnerable to SQL injection
EPSS 1.27% · 79.9th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
1.27%
79.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| bladex | springblade | 3.6.0 |
| Maven | org.springblade:blade-core-tool | 3.6.0 |
| n/a | n/a | n/a |
Exploit Intelligence
- CIRCL seen: CVE-2023-40787 (circl-sighting)
- https://sword.bladex.cn/ (circl)
- https://gist.github.com/kaliwin/9d6cf58bb6ec06765cdf7b75e13ee460 (circl)
Timeline
- Aug 29, 2023 CVE Published
- Aug 29, 2023 PoC Published
- Aug 30, 2023 EPSS Score
- Aug 31, 2023 CVE Updated
- Oct 2, 2023 EPSS Score
- Nov 4, 2023 EPSS Score
- Dec 7, 2023 EPSS Score
- Jan 9, 2024 EPSS Score
- Mar 14, 2024 EPSS Score
- Apr 16, 2024 EPSS Score
- May 19, 2024 EPSS Score
- Jun 21, 2024 EPSS Score
References
- https://www.ibm.com/support/pages/node/7099862 advisory
- https://www.ibm.com/support/pages/node/7101062 advisory
- https://www.ibm.com/support/pages/node/7099313 advisory
- https://supportportal.juniper.net/s/article/2023-12-Security-Bulletin-JSA-Series-Multiple-vulnerabilities-resolved advisory
- https://sword.bladex.cn/ url
- https://gist.github.com/kaliwin/9d6cf58bb6ec06765cdf7b75e13ee460 url
- https://nvd.nist.gov/vuln/detail/CVE-2023-40787 advisory
- https://github.com/chillzhuang/blade-tool package
- https://sword.bladex.cn url