| Advisory
Products
MOOLE SCA
Continuous visibility into open-source risk
MOOLE Container Security
End-to-end container defense across the SDLC
MOOLE SAST
Static application security testing for source code
About Us
CVE-2023-0564
Vulnerability Database
packagist
CVE-2023-0564
Base Score
HIGH
7.5
CVE-2023-0564
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
Vector
NETWORK
Published By
security@huntr.dev
Published Date
Jan 29, 2023, 01:15
Affected Versions
(1)
froxlor/froxlor
(Packagist)
Introduced
0
Fixed
2.0.10
Limit
N/A
Package (Ecosystem)
Introduced
Fixed
Limit
froxlor/froxlor
(Packagist)
0
2.0.10
N/A
Weakness Type (CWE)
:
CWE-521
CVSS Metrics
CVSS v3.1
Base Score
7.5
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality (C)
NONE
Integrity (I)
HIGH
Availability (A)
NONE
References
https://github.com/froxlor/froxlor/commit/2a84e9c1207fd3d792b7fb198fd0c66fe1a66a7a
https://huntr.dev/bounties/a4f86d6f-0d5d-428d-a4b3-551b20a21ce6
Base Score
HIGH
7.5
Weakness Type (CWE)
:
CWE-521
CVSS Metrics
CVSS v3.1
Base Score
7.5
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality (C)
NONE
Integrity (I)
HIGH
Availability (A)
NONE
