Vulnerability Details CVE-2020-23451
Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2020-23451
-
cpe:2.3:a:spiceworks:spiceworks:7.0
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01234
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01242
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01263
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01276
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01280
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01283
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01287
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01308
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01317
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01322
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01324
-
cpe:2.3:a:spiceworks:spiceworks:7.0.01329
-
cpe:2.3:a:spiceworks:spiceworks:7.1
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00010
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00012
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00023
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00024
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00026
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00027
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00035
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00036
-
cpe:2.3:a:spiceworks:spiceworks:7.1.00042
-
cpe:2.3:a:spiceworks:spiceworks:7.2
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00174
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00189
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00190
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00195
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00202
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00207
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00217
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00218
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00221
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00222
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00223
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00226
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00230
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00521
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00526
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00528
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00531
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00532
-
cpe:2.3:a:spiceworks:spiceworks:7.2.00534
-
cpe:2.3:a:spiceworks:spiceworks:7.3
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00026
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00027
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00042
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00048
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00050
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00060
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00065
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00075
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00076
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00105
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00106
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00108
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00111
-
cpe:2.3:a:spiceworks:spiceworks:7.3.00112
-
cpe:2.3:a:spiceworks:spiceworks:7.4.00059
-
cpe:2.3:a:spiceworks:spiceworks:7.4.00060
-
cpe:2.3:a:spiceworks:spiceworks:7.4.00064
-
cpe:2.3:a:spiceworks:spiceworks:7.4.00065
-
cpe:2.3:a:spiceworks:spiceworks:7.4.00070
-
cpe:2.3:a:spiceworks:spiceworks:7.4.00075
-
cpe:2.3:a:spiceworks:spiceworks:7.4.0099
-
cpe:2.3:a:spiceworks:spiceworks:7.4.0115
-
cpe:2.3:a:spiceworks:spiceworks:7.4.0118
-
cpe:2.3:a:spiceworks:spiceworks:7.4.0119
-
cpe:2.3:a:spiceworks:spiceworks:7.5
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00050
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00053
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00055
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00057
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00059
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00061
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00062
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00063
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00065
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00068
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00070
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00073
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00074
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00077
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00087
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00088
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00091
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00093
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00095
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00098
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00101
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00104
-
cpe:2.3:a:spiceworks:spiceworks:7.5.00107
-
cpe:2.3:a:spiceworks:spiceworks:7.5.7.0