CVE-2023-5172

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 27, 2023
Updated: Jan 7, 2024
CWE ID 416

Summary

CVE-2023-5172 is a vulnerability that affects Firefox versions prior to 118. It is categorized as a use-after-free vulnerability, specifically in the hashtable of the Ion Engine. This vulnerability can lead to a potential crash that is exploitable, posing a high danger to organizations. The base severity of this vulnerability is rated as CRITICAL, with a base score of 9.8 out of 10. It requires no privileges and no user interaction, making it accessible over a network. The impact on integrity and confidentiality is classified as HIGH, with an overall impact score of 5.9 out of 10. Remediation for this vulnerability involves updating Firefox to version 118 or above.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5172 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options