Vulnerabilities > CVE-2023-33517 - Files or Directories Accessible to External Parties vulnerability in Carrental Project Carrental 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
carrental-project
CWE-552
NVD
Published: 2023-10-23
Updated: 2023-10-31

Summary

carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System).

Vulnerable Configurations

Part Description Count
Application
Carrental_Project
1

Common Weakness Enumeration (CWE)

References