Pimcore <10.5.23: Privilege Escalation via Unsafe Actions
CVE-2023-2983 Published on May 30, 2023
Privilege Defined With Unsafe Actions in pimcore/pimcore
Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore prior to 10.5.23.
Weakness Type
Privilege Defined With Unsafe Actions
A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
Products Associated with CVE-2023-2983
Want to know whenever a new CVE is published for Pimcore? stack.watch will email you.
Affected Versions
pimcore/pimcore:- Version unspecified and below 10.5.23 is affected.
Vulnerable Packages
The following package name and versions may be associated with CVE-2023-2983
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| composer | pimcore/pimcore | < 10.5.23 | 10.5.23 |
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.