HIGH🇵🇱 Wersja polska

CVE-2023-47320

CVSS 8.1v3.1pub. 2023-12-13upd. 2026-07-05

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  • Silverpeas

    APP
    Silverpeas
    < 6.3.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-42850CRITICAL9.8PL ✓ten sam produkt

Silverpeas – pomijanie wymagań złożoności hasła przy jego zmianie

CVE-2024-36042CRITICAL9.8PL ✓ten sam produkt

Silverpeas – pominięcie hasła umożliwia dostęp jako superadmin (Auth Bypass)

CVE-2018-19586CRITICAL9.9ten sam produkt

Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be tr...

CVE-2024-48814HIGH7.5ten sam produkt

SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via t...

CVE-2023-47322HIGH8.8ten sam produkt

The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading t...