How severe is CVE-2023-51386?

This vulnerability has a severity rating of LOW with a CVSS score of 3.3 out of 10.

What type of vulnerability is CVE-2023-51386?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2023-51386 - LOW Severity | CVSS 3.3

Vulnerability Description

Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned events, timeframes, budgets and owner email addresses. This data access may allow users to get insights into upcoming events and join events which they have not been invited to. This issue has been patched in version 1.10.0.

Related Vulnerabilities

CVE-2012-2148

LOW

CVSS:3.3(Low)

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies

CWE-2692012

CVE-2017-5084

LOW

CVSS:3.3(Low)

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

CWE-2692017

CVE-2019-15332

LOW

CVSS:3.3(Low)

The Lava Z61 Android device with a build fingerprint of LAVA/Z61_2GB/Z61_2GB:8.1.0/O11019/1533889281:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave ap...

CWE-2692019

CVE-2020-16126

LOW

CVSS:3.3(Low)

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to Account...

CWE-2692020

CVE-2020-4603

LOW

CVSS:3.3(Low)

IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weak...

CWE-2692020

CVE-2021-25336

LOW

CVSS:3.3(Low)

Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malic...

CWE-2692021