CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-5296

A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak password recovery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-240926 is the identifier assigned to this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.5%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

https://github.com/magicwave18/vuldb/issues/1
https://vuldb.com/?ctiid.240926
https://vuldb.com/?id.240926
https://github.com/magicwave18/vuldb/issues/1
https://vuldb.com/?ctiid.240926
https://vuldb.com/?id.240926

Products affected by CVE-2023-5296

Rockoa » Rockoa » Version: 1.1

cpe:2.3:a:rockoa:rockoa:1.1
Rockoa » Rockoa » Version: 15.x3amdi

cpe:2.3:a:rockoa:rockoa:15.x3amdi
Rockoa » Rockoa » Version: 2.3.2

cpe:2.3:a:rockoa:rockoa:2.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5296

Products

Pricing

Contact Us