How severe is CVE-2023-5117?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2023-5117?

This is classified as CWE-213, which is a common weakness in software security.

CVE-2023-5117

LOW Year: 2023

CVSS v3 Score

3.7

Low

Weakness Type

CWE-213

View all →

Vulnerability Description

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL.

CVE-2022-28794

LOW

CVSS:3.3(Low)

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.

CWE-2132022

CVE-2022-30714

LOW

CVSS:3.3(Low)

Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

CWE-2132022

CVE-2022-30728

LOW

CVSS:3.3(Low)

Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

CWE-2132022

CVE-2022-33692

LOW

CVSS:3.3(Low)

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.

CWE-2132022

CVE-2022-33694

LOW

CVSS:3.3(Low)

Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.

CWE-2132022

CVE-2022-33696

LOW

CVSS:3.3(Low)

Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.

CWE-2132022

CVE-2023-5117

Vulnerability Description

Related Vulnerabilities

CVE-2022-28794

CVE-2022-30714

CVE-2022-30728

CVE-2022-33692

CVE-2022-33694

CVE-2022-33696