CVE-2023-34382

{"id": "CVE-2023-34382", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.3}]}, "published": "2023-12-19T20:15:07.340", "references": [{"url": "https://patchstack.com/database/vulnerability/dokan-lite/wordpress-dokan-plugin-3-7-19-php-object-injection-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "audit@patchstack.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in weDevs Dokan \u2013 Best WooCommerce Multivendor Marketplace Solution \u2013 Build Your Own Amazon, eBay, Etsy.This issue affects Dokan \u2013 Best WooCommerce Multivendor Marketplace Solution \u2013 Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.19.\n\n"}, {"lang": "es", "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en weDevs Dokan \u2013 Best WooCommerce Multivendor Marketplace Solution \u2013 Build Your Own Amazon, eBay, Etsy. Este problema afecta a Dokan \u2013 Best WooCommerce Multivendor Marketplace Solution \u2013 Build Your Own Amazon, eBay, Etsy: desde n/a hasta 3.7 .19."}], "lastModified": "2023-12-28T19:55:45.243", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wedevs:dokan:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "3CE885E0-81D1-4EC4-8189-D43D5E0F27AF", "versionEndIncluding": "3.7.19"}], "operator": "OR"}]}], "sourceIdentifier": "audit@patchstack.com"}