| Advisory
Products
MOOLE SCA
Continuous visibility into open-source risk
MOOLE Container Security
End-to-end container defense across the SDLC
MOOLE SAST
Static application security testing for source code
About Us
CVE-2023-2590
Vulnerability Database
go
CVE-2023-2590
Base Score
LOW
3.5
CVE-2023-2590
Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9.
Vector
NETWORK
Published By
security@huntr.dev
Published Date
May 09, 2023, 06:15
Affected Versions
(1)
github.com/answerdev/answer
(Go)
Introduced
0
Fixed
1.0.9
Limit
N/A
Package (Ecosystem)
Introduced
Fixed
Limit
github.com/answerdev/answer
(Go)
0
1.0.9
N/A
Weakness Type (CWE)
:
CWE-862
CVSS Metrics
CVSS v3.1
CVSS v3.0
Base Score
3.5
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Base Severity
LOW
Version
3.1
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
LOW
User Interaction (UI)
REQUIRED
Scope (S)
UNCHANGED
Confidentiality (C)
NONE
Integrity (I)
LOW
Availability (A)
NONE
References
https://github.com/answerdev/answer/commit/51ac1e6b76ae9ab3ca2008ca4819c0cc3bd2fcd3
https://huntr.dev/bounties/a4238a30-3ddb-4415-9055-e179c3d4dea7
Base Score
LOW
3.5
Weakness Type (CWE)
:
CWE-862
CVSS Metrics
CVSS v3.1
CVSS v3.0
Base Score
3.5
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Base Severity
LOW
Version
3.1
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
LOW
User Interaction (UI)
REQUIRED
Scope (S)
UNCHANGED
Confidentiality (C)
NONE
Integrity (I)
LOW
Availability (A)
NONE
