What is CVE-2023-6761?

CVE-2023-6761 is a medium-severity vulnerability in Thecosy Icecms, classified under Improper Access Control. CVSS score: 4.3/10. Published 2023-12-13.

How severe is CVE-2023-6761?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Thecosy Icecms

CVE-2023-6761

A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknown processing of the component User Data Handler. The manipulation leads to improper access controls. The atta…

EPSS: 0.001 (30.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

Thecosy Icecms — versions 2.0.0, 2.0.1

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

vuldb.com/ (vdb-entry)
vuldb.com/ (signature, permissions-required)
39.106.130.187/chui/1.html (exploit)

Frequently asked questions

What is CVE-2023-6761?: CVE-2023-6761 is a medium-severity vulnerability in Thecosy Icecms, classified under Improper Access Control. CVSS score: 4.3/10. Published 2023-12-13.
How severe is CVE-2023-6761?: Medium severity. CVSS v3 base score is 4.3 out of 10.