Remote Command Execution Vulnerability in Subrion by Intelliants
CVE-2023-46947

8.8HIGH

Key Information:

Vendor: Intelliants
Status: Subrion
Vendor: CVE Published:; 3 November 2023

🔔 Create Intelliants Vulnerability Alert

What is CVE-2023-46947?

The Subrion CMS version 4.2.1 contains a vulnerability that allows remote command execution through its backend. This flaw exposes systems to unauthorized commands, potentially compromising the integrity and security of the platform. Users of Subrion are urged to apply the latest security updates to mitigate the risk associated with this vulnerability.

References

https://github.com/intelliants/subrion/issues/909

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2023
Vulnerability Reserved
Oct 30, 2023