Information Disclosure in Zentao Biz by ZenTao
CVE-2023-46376

7.5HIGH

Key Information:

Vendor: Zentao
Status: Biz
Vendor: CVE Published:; 27 October 2023

What is CVE-2023-46376?

Zentao Biz versions up to and including 8.7 are susceptible to an information disclosure vulnerability. This flaw could allow unauthorized users to access sensitive information, potentially exposing confidential user data. Organizations utilizing Zentao Biz are advised to assess their systems for this defect and implement necessary security measures to mitigate risks associated with unintended data exposure.

References

https://narrow-payment-2cd.notion.site/zentao-8-7-has-inf...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2023
Vulnerability Reserved
Oct 23, 2023

JSON