CVE-2023-6599 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.3 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
@huntr_ai	CNA	3.1 LOW	NETWORK	HIGH	LOW	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 42%

Vendor	Product	Version
microweber	microweber	𝑥 < 2.0.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-544 - Missing Standardized Error Handling Mechanism
The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses.
CWE-755 - Improper Handling of Exceptional Conditions
The software does not handle or incorrectly handles an exceptional condition.

References

https://github.com/microweber/microweber/commit/f7eb9e1c6e801346f07f3b0164a01ac5f2ca5cfd

https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e

https://github.com/microweber/microweber/commit/f7eb9e1c6e801346f07f3b0164a01ac5f2ca5cfd

https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e