← volver
CVE-2023-3091

Captura CRYPTBASE.dll uncontrolled search path

CVSS 7 HIGHEPSS 0.2%CWE-427
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
03 jun 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation appears to be difficult. The identifier of this vulnerability is VDB-230668. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
n/a · Captura

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://vuldb.com/?ctiid.230668https://vuldb.com/?id.230668