CVSS 3.1 Score 5.5 of 10 (medium)


Published Oct 30, 2023
Updated: Dec 22, 2023


CVE-2023-21394 is a vulnerability that affects multiple products, including tzDcWF, bQe5zt, YLUeDN, and others. The vulnerability allows an attacker to reveal images from another user due to a missing permission check, potentially leading to local information disclosure. This vulnerability does not require any additional execution privileges and does not require user interaction for exploitation. The base severity of this vulnerability is rated as MEDIUM with a base score of 5.5. It has a confidentiality impact of HIGH but no integrity or availability impact. The exploitability score is 1.8, indicating that it is relatively easy to exploit.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-21394 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options