CVE-2023-47320

High

8.1/10

Summary

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

References

Advisory Timeline

Published Dec 13, 2023

CVE-2023-47320

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS