CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-52286

Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.4%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/Narrator21/tdsql/blob/main/20230927.md
https://github.com/Narrator21/tdsql/blob/main/20230927.md

Products affected by CVE-2023-52286

Tencent » Tencent Distributed Sql » Version: N/A

cpe:2.3:a:tencent:tencent_distributed_sql:-
Tencent » Tencent Distributed Sql » Version: 1.8.5

cpe:2.3:a:tencent:tencent_distributed_sql:1.8.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-52286

Products

Pricing

Contact Us