CVE-2023-39005 | Severity.io

Description

Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2.

Related CPE's

Vulnerable

References

ExploitIssue TrackingVendor Advisory

ExploitThird Party Advisory

ExploitIssue TrackingVendor Advisory

ExploitThird Party Advisory

Weaknesses

Primary

CWE-732

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 · High

Information

Source identifier

Vulnerability status

Modified

Published

2023-08-09T17:15:15.077Z

2 years ago

Last modified

2024-11-21T07:14:36.477Z

1 year ago