CVE-2023-2703

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users.This issue affects Competition Management System: before 23.07.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-23-0283	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:finexmedia:competition_management_system:*:*:*:*:*:*:*:*

History

26 Jul 2023, 10:15

Type	Values Removed	Values Added
CWE	~~CWE-668~~	CWE-359

30 May 2023, 21:48

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.6~~	v2 : unknown v3 : 7.5
References	~~(MISC) https://www.usom.gov.tr/bildirim/tr-23-0283 -~~	(MISC) https://www.usom.gov.tr/bildirim/tr-23-0283 - Third Party Advisory
CPE		cpe:2.3:a:finexmedia:competition_management_system::::::::
CWE	~~CWE-359~~	CWE-668
First Time		Finexmedia competition Management System Finexmedia

23 May 2023, 20:48

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-05-23 20:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-2703

Mitre link : CVE-2023-2703

CVE.ORG link : CVE-2023-2703

JSON object : View

Products Affected

finexmedia

competition_management_system

CWE

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

CWE-668

Exposure of Resource to Wrong Sphere

7.5 /10