CINXE.COM

NVD - Home

<!DOCTYPE html> <html lang="en"> <head><script type="text/javascript" src="/_static/js/bundle-playback.js?v=HxkREWBo" charset="utf-8"></script> <script type="text/javascript" src="/_static/js/wombat.js?v=txqj7nKC" charset="utf-8"></script> <script>window.RufflePlayer=window.RufflePlayer||{};window.RufflePlayer.config={"autoplay":"on","unmuteOverlay":"hidden"};</script> <script type="text/javascript" src="/_static/js/ruffle/ruffle.js"></script> <script type="text/javascript"> __wm.init("https://web.archive.org/web"); __wm.wombat("https://nvd.nist.gov/","20230204045021","https://web.archive.org/","web","/_static/", "1675486221"); </script> <link rel="stylesheet" type="text/css" href="/_static/css/banner-styles.css?v=S1zqJCYt" /> <link rel="stylesheet" type="text/css" href="/_static/css/iconochive.css?v=3PDvdIFv" /> <!-- End Wayback Rewrite JS Include --> <title>NVD - Home</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"/> <meta http-equiv="content-style-type" content="text/css"/> <meta http-equiv="content-script-type" content="text/javascript"/> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-scripts/font-awesome/css/font-awesome.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-media/bootstrap/css/bootstrap.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-media/bootstrap/css/bootstrap-theme.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-scripts/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-media/css/nist-fonts.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-media/css/base-style.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-media/css/media-resize.css" type="text/css" rel="stylesheet"/> <meta name="theme-color" content="#000000"> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-scripts/jquery/dist/jquery.min.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-scripts/jquery-visible/jquery.visible.min.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-scripts/underscore/underscore-min.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-media/bootstrap/js/bootstrap.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-scripts/moment/min/moment.min.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-scripts/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-media/js/megamenu.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-media/js/nist-exit-script.js" type="text/javascript"></script> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-media/js/forms.js" type="text/javascript"></script> <!-- <script th:src="@{/site-media/js/federated-analytics.all.min.js?agency=NIST&subagency=nvd&pua=UA-37115410-41&yt=true}" type="text/javascript" id="_fed_an_js_tag"></script> --> <script src="/web/20230204045021js_/https://nvd.nist.gov/site-media/js/federated-analytics.all.min.js?agency=NIST&amp;subagency=nvd&amp;pua=UA-37115410-41&amp;yt=true" type="text/javascript" id="_fed_an_js_tag"></script> <style id="antiClickjack"> body>* { display: none !important; } #antiClickjack { display: block !important; } </style> <noscript> <style id="antiClickjackNoScript"> body>* { display: block !important; } #antiClickjack { display: none !important; } </style> </noscript> <script type="text/javascript" id="antiClickjackScript"> if (self === top) { // no clickjacking var antiClickjack = document.getElementById("antiClickjack"); antiClickjack.parentNode.removeChild(antiClickjack); } else { setTimeout(tryForward(), 5000); } function tryForward() { top.location = self.location; } </script> <meta charset="UTF-8"> <link href="/web/20230204045021cs_/https://nvd.nist.gov/site-media/css/nvd-style.css" type="text/css" rel="stylesheet"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/apple-touch-icon.png" rel="apple-touch-icon" type="image/png" sizes="180x180"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/favicon-32x32.png" rel="icon" type="image/png" sizes="32x32"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/favicon-16x16.png" rel="icon" type="image/png" sizes="16x16"/> <link href="/web/20230204045021/https://nvd.nist.gov/site-media/images/favicons/manifest.json" rel="manifest"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/safari-pinned-tab.svg" rel="mask-icon" color="#000000"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="shortcut icon"/> <meta name="msapplication-config" content="/site-media/images/favicons/browserconfig.xml"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="shortcut icon" type="image/x-icon"/> <link href="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="icon" type="image/x-icon"/> <meta charset="UTF-8"> <meta charset="UTF-8"> </head> <body> <header role="banner" title="Site Banner"> <div id="antiClickjack" style="display: none"> <h1>You are viewing this page in an unauthorized frame window.</h1> <p> This is a potential security issue, you are being redirected to <a href="https://web.archive.org/web/20230204045021/https://nvd.nist.gov/">https://nvd.nist.gov</a> </p> </div> <div> <section class="usa-banner" aria-label="Official government website"> <div class="usa-accordion container"> <header class="usa-banner__header"> <noscript> <p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p> </noscript> <img class="usa-banner__header-flag" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/usbanner/us_flag_small.png" alt="U.S. flag"> &nbsp; <span class="usa-banner__header-text">An official website of the United States government</span> <button id="gov-banner-button" class="usa-accordion__button usa-banner__button" data-toggle="collapse" data-target="#gov-banner" aria-expanded="false" aria-controls="gov-banner"> <span class="usa-banner__button-text">Here's how you know</span> </button> </header> <div class="usa-banner__content usa-accordion__content collapse" role="tabpanel" id="gov-banner" aria-expanded="true"> <div class="row"> <div class="col-md-5 col-sm-12"> <div class="row"> <div class="col-sm-2 col-xs-3"> <img class="usa-banner__icon usa-media-block__img" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/usbanner/icon-dot-gov.svg" alt="Dot gov"> </div> <div class="col-sm-10 col-xs-9"> <p> <strong>Official websites use .gov</strong> <br> A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> </div> <div class="col-md-5 col-sm-12"> <div class="row"> <div class="col-sm-2 col-xs-3"> <img class="usa-banner__icon usa-media-block__img" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/usbanner/icon-https.svg" alt="Https"> </div> <div class="col-sm-10 col-xs-9"> <p> <strong>Secure .gov websites use HTTPS</strong> <br> A <strong>lock</strong> (<img class="usa-banner__lock" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/usbanner/lock.svg" alt="Dot gov">) or <strong>https://</strong> means you've safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </div> </section> </div> <div> <div> <nav id="navbar" class="navbar"> <div id="nist-menu-container" class="container"> <div class="row"> <!-- Brand --> <div class="col-xs-6 col-md-4 navbar-header" style="height:104px"> <a class="navbar-brand" href="https://web.archive.org/web/20230204045021/https://www.nist.gov/" target="_blank" id="navbar-brand-image" style="padding-top: 36px"> <img alt="National Institute of Standards and Technology" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.svg" width="110" height="30"> </a> </div> <div class="col-xs-6 col-md-8 navbar-nist-logo"> <span id="nvd-menu-button" class="pull-right" style="margin-top: 26px"> <a href="#"> <span class="fa fa-bars"></span> <span id="nvd-menu-full-text"><span class="hidden-xxs">NVD </span>MENU</span> </a> </span> </div> </div> </div> <div class="main-menu-row container"> <!-- Collect the nav links, forms, and other content for toggling --> <div id="main-menu-drop" class="col-lg-12" style="display: none;"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/general"> General <span class="expander fa fa-plus" id="nvd-header-menu-general" data-expander-name="general" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="general"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/general/nvd-dashboard">NVD Dashboard</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/general/news">News</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/general/email-list">Email List</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/general/faq">FAQ</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/general/visualizations">Visualizations</a> </p> </div> </div> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln"> Vulnerabilities <span class="expander fa fa-plus" id="nvd-header-menu-vulnerabilities" data-expander-name="vulnerabilities" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="vulnerabilities"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/search">Search &amp; Statistics</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/full-listing">Full Listing</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/categories">Weakness Types</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/data-feeds">Legacy Data Feeds</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/vendor-comments">Vendor Comments</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/cvmap">CVMAP</a> </p> </div> </div> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss"> Vulnerability Metrics <span class="expander fa fa-plus" id="nvd-header-menu-metrics" data-expander-name="metrics" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="metrics"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator">CVSS V3 Calculator</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator">CVSS V2 Calculator</a> </p> </div> <div class="col-lg-4"></div> </div> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/products"> Products <span class="expander fa fa-plus" id="nvd-header-menu-products" data-expander-name="products" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="products"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/products/cpe">CPE Dictionary</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/products/cpe/search">CPE Search</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/products/cpe/statistics">CPE Statistics</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/products/swid">SWID</a> </p> </div> <div class="col-lg-4"></div> </div> </div></li> <li> <a href="/web/20230204045021/https://nvd.nist.gov/developers">Developers<span class="expander fa fa-plus" id="nvd-header-menu-developers" data-expander-name="developers" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="developers"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/developers/start-here">Start Here</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/developers/request-an-api-key">Request an API Key</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/developers/vulnerabilities">Vulnerabilities</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/developers/products">Products</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/developers/data-sources">Data Sources</a> </p> <p> <a href="/web/20230204045021/https://nvd.nist.gov/developers/terms-of-use">Terms of Use</a> </p> </div> </div> </div> </li> <li><a href="/web/20230204045021/https://nvd.nist.gov/info"> Contact NVD </a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/other"> Other Sites <span class="expander fa fa-plus" id="nvd-header-menu-othersites" data-expander-name="otherSites" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="otherSites"> <div class="row"> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20230204045021/https://ncp.nist.gov/">Checklist (NCP) Repository</a> </p> <p> <a href="https://web.archive.org/web/20230204045021/https://ncp.nist.gov/cce">Configurations (CCE)</a> </p> <p> <a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search">800-53 Controls</a> </p> </div> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/projects/scap-validation-program">SCAP Validated Tools</a> </p> <p> <a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a> </p> </div> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/projects/united-states-government-configuration-baseline">USGCB</a> </p> </div> </div> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/search"> Search <span class="expander fa fa-plus" id="nvd-header-menu-search" data-expander-name="search" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="search"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/vuln/search">Vulnerability Search</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20230204045021/https://nvd.nist.gov/products/cpe/search">CPE Search</a> </p> </div> </div> </div></li> </ul> </div> <!-- /#mobile-nav-container --> </div> </nav> <section id="itl-header" class="has-menu"> <div class="container"> <div class="row"> <div class="col-sm-12 col-md-8"> <h2 class="hidden-xs hidden-sm"> <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/itl" target="_blank">Information Technology Laboratory</a> </h2> <h1 class="hidden-xs hidden-sm"> <a id="nvd-header-link" href="/web/20230204045021/https://nvd.nist.gov/">National Vulnerability Database</a> </h1> <h1 class="hidden-xs text-center hidden-md hidden-lg">National Vulnerability Database</h1> <h1 class="hidden-sm hidden-md hidden-lg text-center">NVD</h1> </div> <div class="col-sm-12 col-md-4"> <a style="width: 100%; text-align: center; display: block;padding-top: 14px"> <img id="img-logo-nvd-lg" alt="National Vulnerability Database" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/F_NIST-Logo-NVD-white.svg" width="500" height="100"> </a> </div> </div> </div> </section> </div> </div> </header> <main> <div> <div id="body-section" class="container"> <div> <div class="row"> <nav title="Side Menu" role="navigation" class="col-lg-3 col-md-4 hidden-sm hidden-xs hidden-xxs"> <ul class="side-nav"> <li><a href="/web/20230204045021/https://nvd.nist.gov/general">General<span class="expander fa fa-plus" id="nvd-side-menu-general" data-expander-name="generalSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="generalSide"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/general/nvd-dashboard">NVD Dashboard</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/general/news">News</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/general/email-list">Email List</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/general/faq">FAQ</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/general/visualizations">Visualizations</a></li> </ul> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln"> Vulnerabilities <span class="expander fa fa-plus" id="nvd-side-menu-vulnerabilities" data-expander-name="vulnerabilitiesSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="vulnerabilitiesSide"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/search">Search &amp; Statistics</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/full-listing">Full Listing</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/categories">Weakness Types</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/data-feeds">Legacy Data Feeds</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/vendor-comments">Vendor Comments</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/cvmap">CVMAP</a></li> </ul> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss"> Vulnerability Metrics <span class="expander fa fa-plus" id="nvd-side-menu-metrics" data-expander-name="metricsSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="metricsSide"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator">CVSS V3 Calculator</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator">CVSS V2 Calculator</a></li> </ul> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/products"> Products <span class="expander fa fa-plus" id="nvd-side-menu-products" data-expander-name="productsSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="productsSide"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/products/cpe">CPE Dictionary</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/products/cpe/search">CPE Search</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/products/cpe/statistics">CPE Statistics</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/products/swid">SWID</a></li> </ul> </div></li> <li> <a href="/web/20230204045021/https://nvd.nist.gov/developers">Developers<span class="expander fa fa-plus" id="nvd-side-menu-developers" data-expander-name="developersSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="developersSide"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/developers/start-here">Start Here</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/developers/request-an-api-key">Request an API Key</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/developers/vulnerabilities">Vulnerabilities</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/developers/products">Products</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/developers/data-sources">Data Sources</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/developers/terms-of-use">Terms of Use</a></li> </ul> </div> </li> <li><a href="/web/20230204045021/https://nvd.nist.gov/info"> Contact NVD </a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/other"> Other Sites <span class="expander fa fa-plus" id="nvd-side-menu-othersites" data-expander-name="otherSitesSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="otherSitesSide"> <ul> <li><a href="https://web.archive.org/web/20230204045021/https://ncp.nist.gov/">Checklist (NCP) Repository</a></li> <li><a href="https://web.archive.org/web/20230204045021/https://ncp.nist.gov/cce">Configurations (CCE)</a></li> <li><a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search">800-53 Controls</a></li> <li><a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/projects/scap-validation-program">SCAP Validated Tools</a></li> <li><a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a></li> <li><a href="https://web.archive.org/web/20230204045021/https://csrc.nist.gov/projects/united-states-government-configuration-baseline">USGCB</a></li> </ul> </div></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/search"> Search <span class="expander fa fa-plus" id="nvd-side-menu-search" data-expander-name="searchSide" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="searchSide"> <ul> <li><a href="/web/20230204045021/https://nvd.nist.gov/vuln/search">Vulnerability Search</a></li> <li><a href="/web/20230204045021/https://nvd.nist.gov/products/cpe/search">CPE Search</a></li> </ul> </div></li> </ul> </nav> <div id="page-content" class="col-lg-9 col-md-8 col-sm-12 col-xs-12 col-xxs-12"> <div class="col-md-4" style="padding:0px;"> <div class="text-center"> <span class="carousel-title"> <a href="/web/20230204045021/https://nvd.nist.gov/general/news/api-20-announcements"> <img alt="The letters N V D typed out in binary" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/LandingPage/apiGuidance800x632.png" style="width: 300px; height: 237px;" title="Whats new in API two"> <br/> <strong>New 2.0 APIs</strong> </a> </span> </div> </div> <div class="col-md-4" style="padding:0px;"> <div class="text-center"> <span class="carousel-title"> <a href="/web/20230204045021/https://nvd.nist.gov/general/news/change-timeline"> <img alt="Emphasis on APIs for web automation" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/LandingPage/changeTimeline800x632.png" style="width: 300px; height: 237px;" title="Emphasis on APIs for web automation!"> <br/> <strong>2022-23 Change Timeline</strong> </a> </span> </div> </div> <div class="row"> <div class="col-md-4" style="padding:0px;"> <div class="text-center"> <span class="carousel-title"> <a href="/web/20230204045021/https://nvd.nist.gov/general/news/cisa-exploit-catalog"> <img alt="Icon for CISA Known Exploited Vulnerabilities Catalog Announcement" src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/LandingPage/kevCatalog800x632.png" style="width: 300px; height: 237px;" title="Helping you comply with BOD 22-01"> <br/> <strong>New Parameters</strong> </a> </span> </div> </div> </div> <br/> <span>The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.</span> <br/> <br/> <span>For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult <a href="https://web.archive.org/web/20230204045021/https://data.nist.gov/od/id/1E0F15DAAEFB84E4E0531A5706813DD8436"> NIST's Public Data Repository</a>.</span> <br/> <br/> <div> <div class="row"> <div class="col-md-12 col-sm-12"> <div id="vulnResultsPanel"> <!-- Results Panel --> <div id="latestVulnsArea"> <div id="latestVulnsTitleRow" class="row"> <span class="hidden-md col-lg-9"> <strong class="h4Size">Last 20 Scored Vulnerability IDs &amp; Summaries</strong> </span> <span class="hidden-md col-lg-3"> <strong class="h4Size">CVSS Severity </strong> </span> </div> <ul id="latestVulns"> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24022" id="cveDetailAnchor-0">CVE-2023-24022</a></strong> - Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. (The credentials are stored ... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24022#vulnDescriptionTitle">read CVE-2023-24022</a><br> <strong>Published:</strong> January 26, 2023; 4:18:15 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-0"> <span id="cvss3-link-0"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24022&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-critical" data-testid="vuln-cvss3-link-0" aria-label="V3 score for CVE-2023-24022">9.8 CRITICAL</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24427" id="cveDetailAnchor-1">CVE-2023-24427</a></strong> - Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login. <br> <strong>Published:</strong> January 26, 2023; 4:18:16 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-1"> <span id="cvss3-link-1"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24427&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-critical" data-testid="vuln-cvss3-link-1" aria-label="V3 score for CVE-2023-24427">9.8 CRITICAL</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24422" id="cveDetailAnchor-2">CVE-2023-24422</a></strong> - A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protectio... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24422#vulnDescriptionTitle">read CVE-2023-24422</a><br> <strong>Published:</strong> January 26, 2023; 4:18:16 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-2"> <span id="cvss3-link-2"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24422&amp;vector=AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-2" aria-label="V3 score for CVE-2023-24422">8.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48070" id="cveDetailAnchor-3">CVE-2022-48070</a></strong> - Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. <br> <strong>Published:</strong> January 27, 2023; 10:15:10 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-3"> <span id="cvss3-link-3"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48070&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-3" aria-label="V3 score for CVE-2022-48070">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24440" id="cveDetailAnchor-4">CVE-2023-24440</a></strong> - Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. <br> <strong>Published:</strong> January 26, 2023; 4:18:17 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-4"> <span id="cvss3-link-4"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24440&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-4" aria-label="V3 score for CVE-2023-24440">5.5 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24439" id="cveDetailAnchor-5">CVE-2023-24439</a></strong> - Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. <br> <strong>Published:</strong> January 26, 2023; 4:18:17 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-5"> <span id="cvss3-link-5"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24439&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-5" aria-label="V3 score for CVE-2023-24439">5.5 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48071" id="cveDetailAnchor-6">CVE-2022-48071</a></strong> - Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. <br> <strong>Published:</strong> January 27, 2023; 10:15:10 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-6"> <span id="cvss3-link-6"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48071&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-6" aria-label="V3 score for CVE-2022-48071">7.5 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24438" id="cveDetailAnchor-7">CVE-2023-24438</a></strong> - A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anot... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24438#vulnDescriptionTitle">read CVE-2023-24438</a><br> <strong>Published:</strong> January 26, 2023; 4:18:17 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-7"> <span id="cvss3-link-7"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24438&amp;vector=AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-7" aria-label="V3 score for CVE-2023-24438">6.5 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24429" id="cveDetailAnchor-8">CVE-2023-24429</a></strong> - Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to h... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24429#vulnDescriptionTitle">read CVE-2023-24429</a><br> <strong>Published:</strong> January 26, 2023; 4:18:17 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-8"> <span id="cvss3-link-8"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24429&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-critical" data-testid="vuln-cvss3-link-8" aria-label="V3 score for CVE-2023-24429">9.8 CRITICAL</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24428" id="cveDetailAnchor-9">CVE-2023-24428</a></strong> - A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker&#39;s account. <br> <strong>Published:</strong> January 26, 2023; 4:18:17 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-9"> <span id="cvss3-link-9"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24428&amp;vector=AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-9" aria-label="V3 score for CVE-2023-24428">5.7 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48072" id="cveDetailAnchor-10">CVE-2022-48072</a></strong> - Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. <br> <strong>Published:</strong> January 27, 2023; 10:15:10 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-10"> <span id="cvss3-link-10"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48072&amp;vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-10" aria-label="V3 score for CVE-2022-48072">7.8 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48010" id="cveDetailAnchor-11">CVE-2022-48010</a></strong> - LimeSurvey v5.4.15 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /index.php/surveyAdministration/rendersidemenulink?subaction=surveytexts. This vulnerability allows attackers to execute arbitrary web ... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48010#vulnDescriptionTitle">read CVE-2022-48010</a><br> <strong>Published:</strong> January 27, 2023; 1:15:15 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-11"> <span id="cvss3-link-11"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48010&amp;vector=AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-11" aria-label="V3 score for CVE-2022-48010">5.4 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-24430" id="cveDetailAnchor-12">CVE-2023-24430</a></strong> - Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. <br> <strong>Published:</strong> January 26, 2023; 4:18:17 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-12"> <span id="cvss3-link-12"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-24430&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-critical" data-testid="vuln-cvss3-link-12" aria-label="V3 score for CVE-2023-24430">9.8 CRITICAL</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48008" id="cveDetailAnchor-13">CVE-2022-48008</a></strong> - An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file. <br> <strong>Published:</strong> January 27, 2023; 1:15:15 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-13"> <span id="cvss3-link-13"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48008&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&amp;version=3.1&amp;source=NIST" class="label label-critical" data-testid="vuln-cvss3-link-13" aria-label="V3 score for CVE-2022-48008">9.8 CRITICAL</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48073" id="cveDetailAnchor-14">CVE-2022-48073</a></strong> - Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. <br> <strong>Published:</strong> January 27, 2023; 10:15:10 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-14"> <span id="cvss3-link-14"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48073&amp;vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N&amp;version=3.1&amp;source=NIST" class="label label-danger" data-testid="vuln-cvss3-link-14" aria-label="V3 score for CVE-2022-48073">7.5 HIGH</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0533" id="cveDetailAnchor-15">CVE-2023-0533</a></strong> - A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours &amp; Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin/expense_report.php. The manipulation of the ar... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0533#vulnDescriptionTitle">read CVE-2023-0533</a><br> <strong>Published:</strong> January 27, 2023; 6:15:13 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-15"> <span id="cvss3-link-15"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-0533&amp;vector=AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-15" aria-label="V3 score for CVE-2023-0533">4.7 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0563" id="cveDetailAnchor-16">CVE-2023-0563</a></strong> - A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0563#vulnDescriptionTitle">read CVE-2023-0563</a><br> <strong>Published:</strong> January 28, 2023; 6:15:08 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-16"> <span id="cvss3-link-16"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-0563&amp;vector=AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-16" aria-label="V3 score for CVE-2023-0563">4.8 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2022-48007" id="cveDetailAnchor-17">CVE-2022-48007</a></strong> - A stored cross-site scripting (XSS) vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent. <br> <strong>Published:</strong> January 27, 2023; 1:15:14 PM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-17"> <span id="cvss3-link-17"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-48007&amp;vector=AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-17" aria-label="V3 score for CVE-2022-48007">5.4 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0531" id="cveDetailAnchor-18">CVE-2023-0531</a></strong> - A vulnerability classified as critical has been found in SourceCodester Online Tours &amp; Travels Management System 1.0. Affected is an unknown function of the file admin/booking_report.php. The manipulation of the argument to_date leads to sql injec... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0531#vulnDescriptionTitle">read CVE-2023-0531</a><br> <strong>Published:</strong> January 27, 2023; 6:15:13 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-18"> <span id="cvss3-link-18"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-0531&amp;vector=AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-18" aria-label="V3 score for CVE-2023-0531">4.7 MEDIUM</a><br/> </span> </p> </div> </li> <li> <div class="col-lg-9"> <p> <strong><a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0534" id="cveDetailAnchor-19">CVE-2023-0534</a></strong> - A vulnerability, which was classified as critical, was found in SourceCodester Online Tours &amp; Travels Management System 1.0. This affects an unknown part of the file admin/expense_report.php. The manipulation of the argument to_date leads to sql i... <a href="/web/20230204045021/https://nvd.nist.gov/vuln/detail/CVE-2023-0534#vulnDescriptionTitle">read CVE-2023-0534</a><br> <strong>Published:</strong> January 27, 2023; 6:15:14 AM -0500 </p> </div> <div class="col-lg-3"> <p id="severity-score-19"> <span id="cvss3-link-19"> <em>V3.1:</em> <a href="/web/20230204045021/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2023-0534&amp;vector=AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L&amp;version=3.1&amp;source=NIST" class="label label-warning" data-testid="vuln-cvss3-link-19" aria-label="V3 score for CVE-2023-0534">4.7 MEDIUM</a><br/> </span> </p> </div> </li> </ul> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </main> <footer id="footer" role="contentinfo"> <div class="container"> <div class="row"> <div class="col-sm-12"> <ul class="social-list pull-right"> <li class="field-item service-twitter list-horiz"><a href="https://web.archive.org/web/20230204045021/https://twitter.com/NISTCyber" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-twitter fa-fw"><span class="element-invisible">twitter</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a></li> <li class="field-item service-facebook list-horiz"><a href="https://web.archive.org/web/20230204045021/https://www.facebook.com/NIST" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-linkedin list-horiz"><a href="https://web.archive.org/web/20230204045021/https://www.linkedin.com/company/nist" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-youtube list-horiz"><a href="https://web.archive.org/web/20230204045021/https://www.youtube.com/user/USNISTGOV" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-rss list-horiz"><a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/news-events/nist-rss-feeds" target="_blank" class="social-btn social-btn--large extlink"> <i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i> </a></li> <li class="field-item service-govdelivery list-horiz last"><a href="https://web.archive.org/web/20230204045021/https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-envelope fa-fw"><span class="element-invisible">govdelivery</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a></li> </ul> <span class="hidden-xs"> <a title="National Institute of Standards and Technology" rel="home" class="footer-nist-logo"> <img src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.png" alt="National Institute of Standards and Technology logo"/> </a> </span> </div> </div> <div class="row hidden-sm hidden-md hidden-lg"> <div class="col-sm-12"> <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo"> <img src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.png" alt="National Institute of Standards and Technology logo"/> </a> </div> </div> <div class="row footer-contact-container"> <div class="col-sm-6"> <strong>HEADQUARTERS</strong> <br> 100 Bureau Drive <br> Gaithersburg, MD 20899 <br> <a href="https://web.archive.org/web/20230204045021/tel:301-975-2000">(301) 975-2000</a> <br> <br> <a href="https://web.archive.org/web/20230204045021/mailto:nvd@nist.gov">Webmaster</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/about-nist/contact-us">Contact Us</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/about-nist/visit" style="display: inline-block;">Our Other Offices</a> </div> <div class="col-sm-6"> <div class="pull-right" style="text-align:right"> <strong>Incident Response Assistance and Non-NVD Related<br>Technical Cyber Security Questions:</strong> <br> US-CERT Security Operations Center <br> Email: <a href="https://web.archive.org/web/20230204045021/mailto:soc@us-cert.gov">soc@us-cert.gov</a> <br> Phone: 1-888-282-0870 <br> <span style="display: inline-block; text-align: left; margin-left: 0; margin-right: 0;"> <strong style="float: right">Sponsored by</strong> <br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="https://web.archive.org/web/20230204045021/https://www.cisa.gov/" target="_blank">CISA</a> </span> <a style="float: right; width: 68px;"> <img src="/web/20230204045021im_/https://nvd.nist.gov/site-media/images/cisa-thumbnail.png" alt="CISA"/> </a> </div> </div> </div> <div class="row"> <nav title="Footer Navigation" role="navigation" class="row footer-bottom-links-container"> <!-- https://github.com/usnistgov/nist-header-footer/blob/nist-pages/boilerplate-footer.html --> <p> <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/oism/site-privacy">Site Privacy</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/oism/accessibility">Accessibility</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/privacy">Privacy Program</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/oism/copyrights">Copyrights</a> | <a href="https://web.archive.org/web/20230204045021/https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/foia">FOIA</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/environmental-policy-statement">Environmental Policy</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a> | <a href="https://web.archive.org/web/20230204045021/https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a> | <a href="https://web.archive.org/web/20230204045021/https://www.commerce.gov/">Commerce.gov</a> | <a href="https://web.archive.org/web/20230204045021/https://www.science.gov/">Science.gov</a> | <a href="https://web.archive.org/web/20230204045021/https://www.usa.gov/">USA.gov</a> </p> </nav> </div> </div> </footer> </body> </html><!-- FILE ARCHIVED ON 04:50:21 Feb 04, 2023 AND RETRIEVED FROM THE INTERNET ARCHIVE ON 23:24:53 Dec 01, 2024. JAVASCRIPT APPENDED BY WAYBACK MACHINE, COPYRIGHT INTERNET ARCHIVE. ALL OTHER CONTENT MAY ALSO BE PROTECTED BY COPYRIGHT (17 U.S.C. SECTION 108(a)(3)). --> <!-- playback timings (ms): captures_list: 0.782 exclusion.robots: 0.046 exclusion.robots.policy: 0.034 esindex: 0.01 cdx.remote: 29.256 LoadShardBlock: 392.761 (6) PetaboxLoader3.resolve: 3292.1 (4) PetaboxLoader3.datanode: 125.863 (7) load_resource: 3125.471 -->

Pages: 1 2 3 4 5 6 7 8 9 10