Vulnerability Details CVE-2023-39016
bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.8%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2023-39016
-
cpe:2.3:a:bbossgroups:bboss:3.7.5
-
cpe:2.3:a:bbossgroups:bboss:3.9.0
-
cpe:2.3:a:bbossgroups:bboss:3.9.1
-
cpe:2.3:a:bbossgroups:bboss:3.9.2
-
cpe:2.3:a:bbossgroups:bboss:3.9.6
-
cpe:2.3:a:bbossgroups:bboss:3.9.7
-
cpe:2.3:a:bbossgroups:bboss:3.9.8
-
cpe:2.3:a:bbossgroups:bboss:3.9.9
-
cpe:2.3:a:bbossgroups:bboss:4.0.0
-
cpe:2.3:a:bbossgroups:bboss:4.0.1
-
cpe:2.3:a:bbossgroups:bboss:4.0.7
-
cpe:2.3:a:bbossgroups:bboss:4.0.8
-
cpe:2.3:a:bbossgroups:bboss:4.10.0
-
cpe:2.3:a:bbossgroups:bboss:4.10.1
-
cpe:2.3:a:bbossgroups:bboss:4.10.2
-
cpe:2.3:a:bbossgroups:bboss:4.10.3
-
cpe:2.3:a:bbossgroups:bboss:4.10.4
-
cpe:2.3:a:bbossgroups:bboss:4.10.5
-
cpe:2.3:a:bbossgroups:bboss:5.0.0
-
cpe:2.3:a:bbossgroups:bboss:5.0.1
-
cpe:2.3:a:bbossgroups:bboss:5.0.2
-
cpe:2.3:a:bbossgroups:bboss:5.0.2.9
-
cpe:2.3:a:bbossgroups:bboss:5.0.3.6
-
cpe:2.3:a:bbossgroups:bboss:5.0.3.7.9
-
cpe:2.3:a:bbossgroups:bboss:5.1.1
-
cpe:2.3:a:bbossgroups:bboss:5.1.2
-
cpe:2.3:a:bbossgroups:bboss:5.2.1
-
cpe:2.3:a:bbossgroups:bboss:5.6.6
-
cpe:2.3:a:bbossgroups:bboss:5.7.2
-
cpe:2.3:a:bbossgroups:bboss:5.8.0
-
cpe:2.3:a:bbossgroups:bboss:5.8.6
-
cpe:2.3:a:bbossgroups:bboss:5.9.0
-
cpe:2.3:a:bbossgroups:bboss:6.0.9