CVE-2023-52187

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite – Show Image Credits and Captions.This issue affects Image Source Control Lite – Show Image Credits and Captions: from n/a through 2.17.0.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://patchstack.com/database/vulnerability/image-source-control-isc/wordpress-image-source-control-lite-plugin-2-17-0-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:imagesourcecontrol:image_source_control:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2024-01-27 00:15

Updated : 2024-02-01 04:13

NVD link : CVE-2023-52187

Mitre link : CVE-2023-52187

CVE.ORG link : CVE-2023-52187

JSON object : View

Products Affected

imagesourcecontrol

image_source_control

CWE

NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2023-52187", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-01-27T00:15:24.293", "references": [{"url": "https://patchstack.com/database/vulnerability/image-source-control-isc/wordpress-image-source-control-lite-plugin-2-17-0-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "audit@patchstack.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Thomas Maier Image Source Control Lite \u2013 Show Image Credits and Captions.This issue affects Image Source Control Lite \u2013 Show Image Credits and Captions: from n/a through 2.17.0.\n\n"}, {"lang": "es", "value": "Vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial a un actor no autorizado en Thomas Maier Image Source Control Lite \u2013 Show Image Credits and Captions. Este problema afecta a Image Source Control Lite \u2013 Show Image Credits and Captions: desde n/a hasta 2.17.0."}], "lastModified": "2024-02-01T04:13:18.680", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:imagesourcecontrol:image_source_control:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "8AD9F907-B50F-42C9-8943-A65DD08E81F4", "versionEndIncluding": "2.17.0"}], "operator": "OR"}]}], "sourceIdentifier": "audit@patchstack.com"}