Vulnerability Details CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.3%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-47392
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.19.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.19.2
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.19.4
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.20.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.20.2
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.21.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.22.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.24.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.25.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.26.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.26.1
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.27.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.28.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.29.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.30.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.30.1
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.31.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.32.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.33.0
-
cpe:2.3:a:mercedes-benz:mercedes_me:1.34.0