CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-39593

Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 67.0%

CVSS Severity

CVSS v3 Score 5.6

References

https://github.com/Ant1sec-ops/CVE-2023-39593
https://seclists.org/fulldisclosure/2012/Dec/39

Products affected by CVE-2023-39593

Mariadb » Mariadb » Version: 10.5.0

cpe:2.3:a:mariadb:mariadb:10.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39593

Products

Pricing

Contact Us