CVE-2023-46119

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 25, 2023
Updated: Nov 1, 2023
CWE ID 23
CWE ID 22

Summary

CVE-2023-46119 is a vulnerability affecting Parse Server, an open-source backend that can be deployed on Node.js infrastructure. The vulnerability occurs when uploading a file without an extension, causing Parse Server to crash. It has been patched in versions 5.5.6 and 6.3.1 of the software. This vulnerability has a high base severity and score of 7.5 according to [email protected], with an exploitability score of 3.9. The impact score is calculated at 3.6, indicating the potential danger this vulnerability poses to organizations using Parse Server. It requires no privileges or user interaction to exploit, and the attack vector is through the network. The availability impact is high, while the integrity and confidentiality impacts are none. Note: The provided information contains technical details about the CVE vulnerability but lacks specific remediation steps or potential dangers for organizations beyond the given severity and impact scores.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46119 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options