CVE-2023-44312

Published: Jan 31, 2024Modified: Feb 13, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center.This issue affects Apache ServiceComb Service-Center before 2.1.0 (include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.

Affected (1)

Products: Apache: Servicecomb

Apache

1 product

Servicecomb

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apache Servicecomb	Before 2.2.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.openwall.com/lists/oss-security/2024/01/31/5

Source: security@apache.org

Mailing ListThird Party Advisory

https://lists.apache.org/thread/dkvlgnrmc17qzjdy9k0cr60wpzcssk1s

Source: security@apache.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2024/01/31/5

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.apache.org/thread/dkvlgnrmc17qzjdy9k0cr60wpzcssk1s

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

Timeline

No history available yet.