CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-36646

Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.2%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36646
https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36646

Products affected by CVE-2023-36646

Prolion » Cryptospike » Version: 3.0.15

cpe:2.3:a:prolion:cryptospike:3.0.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-36646

Products

Pricing

Contact Us