CVE-2023-28829

Vulnerability updated 7 days ago (2024-11-29T14:07:17.016Z)
Download STIX
Preview STIX
CVE-2023-28829 is a vulnerability that has been identified in a widely used web application framework. The flaw can be exploited by an attacker to execute arbitrary code on a vulnerable system and gain access to sensitive information. The vulnerability is rated as critical, with a score of 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS). The vulnerability was discovered on June 15, 2023, by a security researcher who reported it to the software vendor. The vendor released a patch for the vulnerability on June 20, along with guidelines for users on how to apply the patch and mitigate the risk. The vulnerability affects all versions of the web application framework prior to the patched version. Attackers could exploit the vulnerability by sending a specially crafted HTTP request to a vulnerable server, which would allow them to execute arbitrary code on the targeted system. This could lead to full system compromise and unauthorized access to sensitive data, including personally identifiable information (PII) and login credentials. Organizations using the affected web application framework are advised to update to the latest patched version as soon as possible to ensure the security and integrity of their systems and data.
Description last updated: 2023-06-23T12:47:21.316Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the CVE-2023-28829 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CISA
a year ago