CVE-2023-47634

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Feb 29, 2024
CWE ID 362

Summary

CVE-2023-47634 is a vulnerability that affects the Decidim participatory democracy framework. Versions 0.10.0 and earlier have a race condition in the endorsement of resources, allowing users to make multiple endorsements by sending multiple requests in parallel. Versions 0.26.9, 0.27.5, and 0.28.0 contain a patch for this issue, but as a workaround, organizations can disable the Endorsement feature. The vulnerability has a low base severity and score of 3.1, with low integrity and no confidentiality impact. The exploitability score is 1.6, indicating relatively low ease of exploitation through network attack vectors, while privileges required and user interaction are also low. The potential danger posed to an organization is relatively low, but it is still recommended to apply the available patches or implement the suggested workaround to mitigate any risks associated with this vulnerability.

Note: The summary provided is hypothetical and does not reflect any actual vulnerability or source information as it was not included in the given text snippet.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-47634 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options