Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1.
References
Configurations
Configuration 1 (hide)
|
History
25 Jul 2023, 18:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Umbraco umbraco Cms
Umbraco |
|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/umbraco/Umbraco-CMS/commit/1f26f2c6f3428833892cde5c6d8441fb041e410e - Patch | |
References | (MISC) https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-h8wc-r4jh-mg7m - Vendor Advisory | |
References | (MISC) https://github.com/umbraco/Umbraco-CMS/commit/20a4e475c8d7b91d263e4e103ef19f3644e7b569 - Patch | |
References | (MISC) https://github.com/umbraco/Umbraco-CMS/commit/82eae48d098b9deecbdf86cf288b2b18020e1fed - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
13 Jul 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-13 14:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-37267
Mitre link : CVE-2023-37267
CVE.ORG link : CVE-2023-37267
JSON object : View
Products Affected
umbraco
- umbraco_cms
CWE