CVE-2023-3655

CVSS v3 Score
7.5
High

Vulnerability Description

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous method that allows the database (system settings, user accounts, ...) to be leaked. This vulnerability can be triggered via an HTTP endpoint exposed to the network.

CVSS:7.5(High)

ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name ...

CVSS:7.5(High)

The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for ...

CVSS:7.5(High)

The REMAP cmd of the SVM driver can be used to remap read-only memory as read-write, which then allows read-only memory or files to be modified.

CVSS:7.5(High)

The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload dat...

CVSS:7.5(High)

In JetBrains TeamCity before 2023.05, a specific endpoint was vulnerable to brute force attacks.

CVSS:7.5(High)

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected ...