CVE-2023-2080

{"id": "CVE-2023-2080", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@forcepoint.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-06-15T23:15:09.020", "references": [{"url": "https://support.forcepoint.com/s/article/000041871", "tags": ["Vendor Advisory"], "source": "psirt@forcepoint.com"}, {"url": "https://support.forcepoint.com/s/article/000041871", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@forcepoint.com", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud allows Blind SQL Injection."}], "lastModified": "2024-11-21T07:57:53.933", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:forcepoint:email_security:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9DD17A1-E6F8-4ED5-9566-C5C3A62EFCDE"}, {"criteria": "cpe:2.3:a:forcepoint:web_security:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66F97068-979A-4D45-B2C6-A98FF1887EED"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@forcepoint.com"}