Vulnerabilities > CVE-2023-4198 - Missing Authorization vulnerability in Dolibarr Erp/Crm

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
dolibarr
CWE-862
NVD
Published: 2023-11-01
Updated: 2023-11-08

Summary

Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data

Vulnerable Configurations

Part Description Count
Application
Dolibarr
168

Common Weakness Enumeration (CWE)

References