CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-50974

In Appwrite CLI before 3.0.0, when using the login command, the credentials of the Appwrite user are stored in a ~/.appwrite/prefs.json file with 0644 as UNIX permissions. Any user of the local system can access those credentials.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.0%

CVSS Severity

CVSS v3 Score 5.5

References

https://appwrite.io/docs/tooling/command-line/installation
https://gist.github.com/SkypLabs/72ee00ecfa7d1a3494e2d69a24279c1d
https://appwrite.io/docs/tooling/command-line/installation
https://gist.github.com/SkypLabs/72ee00ecfa7d1a3494e2d69a24279c1d

Products affected by CVE-2023-50974

Appwrite » Command Line Interface » Version: Any

cpe:2.3:a:appwrite:command_line_interface:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-50974

Products

Pricing

Contact Us