CVSS 3.1 Score 9.8 of 10 (high)


Published Nov 2, 2023
Updated: Nov 9, 2023
CWE ID 798


CVE-2023-31579, a vulnerability in Dromara Lamp-Cloud before v3.8.1, allows attackers to authenticate to the application using a crafted JSON Web Token (JWT) due to the use of a hardcoded cryptographic key. This vulnerability affects multiple products, including tz5N6_, tz5N6-, and tz5N69. The base severity of this vulnerability is rated as CRITICAL, with a base score of 9.8 out of 10. To remediate this issue, organizations should update their Dromara Lamp-Cloud version to v3.8.1 or higher. The potential danger posed to an organization is high, as it could lead to unauthorized access and compromise sensitive information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-31579 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options