Database Access Vulnerability in Dolibarr by DOLIBARR
CVE-2023-33568

7.5HIGH

Key Information:

Vendor: Dolibarr
Status: Dolibarr Erp\/crm
Vendor: CVE Published:; 13 June 2023

What is CVE-2023-33568?

A significant vulnerability in Dolibarr versions prior to 16.0.5 allows unauthenticated individuals to gain unauthorized access to critical company data. This includes the ability to perform database dumps, which may expose sensitive information such as client files, prospect lists, supplier records, and employee data, especially if a contact file is present. Organizations using affected versions should take immediate steps to mitigate the risk and update to the latest version.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.dsecbypass.com/en/dolibarr-pre-auth-contact-d...

https://www.dolibarr.org/forum/t/dolibarr-16-0-security-b...

https://github.com/Dolibarr/dolibarr/commit/bb7b69ef43673...

EPSS Score

89% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2023
Vulnerability Reserved
May 22, 2023

JSON

Dolibarr

What is CVE-2023-33568?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.