Authorization Vulnerability Affects EventPrime
CVE-2023-33321

5.3MEDIUM

Key Information:

Vendor

WordPress
Status
Eventprime
Vendor
CVE Published:
17 May 2024

What is CVE-2023-33321?

A vulnerability has been identified in the Metagauss EventPrime product that allows unauthorized access due to a misconfigured access control mechanism. This flaw can lead to sensitive data exposure and improper access to functionalities within the application. Administrators are advised to review security settings, ensure correct configurations of access controls, and update to the latest versions to mitigate potential exploitation risks.

Affected Version(s)

EventPrime <= 2.8.6

References

https://patchstack.com/database/vulnerability/eventprime-...
vdb-entry

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

yuyudhn (Patchstack Alliance)
.