CVE-2023-7163

{"id": "CVE-2023-7163", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "vulnreport@tenable.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-12-28T16:16:02.730", "references": [{"url": "https://tenable.com/security/research/tra-2023-43", "tags": ["Exploit", "Third Party Advisory"], "source": "vulnreport@tenable.com"}, {"url": "https://tenable.com/security/research/tra-2023-43", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "vulnreport@tenable.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory becoming full, or the execution of tasks on other probes.\n\n"}, {"lang": "es", "value": "Existe un problema de seguridad en D-Link D-View 8 v2.0.2.89 y anteriores que podr\u00eda permitir a un atacante manipular el inventario de sonda del servicio D-View. Esto podr\u00eda dar como resultado la divulgaci\u00f3n de informaci\u00f3n de otras sondas, la denegaci\u00f3n de condiciones de servicio debido a que el inventario de la sonda se llena o la ejecuci\u00f3n de tareas en otras sondas."}], "lastModified": "2024-11-21T08:45:24.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dlink:d-view_8:2.0.2.89:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A91C8832-E4F4-47AD-986A-2C63EEBF9B6C"}], "operator": "OR"}]}], "sourceIdentifier": "vulnreport@tenable.com"}