CVE-2023-29246
CVSS V2 None
CVSS V3 None
Description
An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0
Overview
- CVE ID
- CVE-2023-29246
- Assigner
- security@apache.org
- Vulnerability Status
- Received
- Published Version
- 2023-05-12T08:15:08
- Last Modified Date
- 2023-05-12T08:15:08
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://lists.apache.org/thread/230plvhbdx26m43b0sy942wlwt6kkmmr |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-29246 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29246 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-05-12 09:00:30 | Added to TrackCVE | |||
2023-05-12 09:00:33 | Weakness Enumeration | new |