Vulnerability in Abstrium Pydio Cells
CVE-2023-2980
A vulnerability classified as critical was found in Abstrium Pydio Cells 4.2.0. This vulnerability affects unknown code of the component User Creation Handler. The manipulation leads to improper control of resource identifiers. The attack…
EPSS: 0.005 (65.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.
Affected products
- Abstrium Pydio Cells — versions 4.2.0
Weakness classification (CWE)
References
- vuldb.com/ (vdb-entry, technical-description)
- vuldb.com/ (signature, permissions-required)
- pydio.com/en/community/releases/pydio-cells/pydio-cells-enterprise-421 (patch)
- popalltheshells.medium.com/multiple-cves-affecting-pydio-cells-4-2-0-321e7e4712… (exploit)
Frequently asked questions
- What is CVE-2023-2980?
- CVE-2023-2980 is a medium-severity vulnerability in Abstrium Pydio Cells, classified under Resource Injection. CVSS score: 6.3/10. Published 2023-05-30.
- How severe is CVE-2023-2980?
- Medium severity. CVSS v3 base score is 6.3 out of 10.