Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS12OXJtLTdydjktcjNmd84AAzTL

High EPSS: 0.00123% (0.32128 Percentile) EPSS:
Permalink JSON

Apache OpenMeetings Improper Authentication vulnerability

Affected Packages Affected Versions Fixed Versions
maven:org.apache.openmeetings:openmeetings-parent >= 3.1.3, < 7.1.0 7.1.0
0 Dependent packages
1 Dependent repositories

Affected Version Ranges

All affected versions

3.1.3, 3.1.4, 3.1.5, 3.2.0, 3.2.1, 3.3.0, 3.3.1, 3.3.2, 4.0.0, 4.0.1, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.9, 4.0.10, 4.0.11, 5.0.0, 5.0.0-M1, 5.0.0-M2, 5.0.0-M3, 5.0.0-M4, 5.1.0, 6.2.0, 6.3.0, 7.0.0

All unaffected versions

3.1.2, 7.2.0, 8.0.0, 8.1.0

An attacker that has gained access to certain private information can use this to act as other user.

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0

References:

Identifiers

GHSA-v9rm-7rv9-r3fw

CVE-2023-29032

Risk

Severity

High

EPSS

EPSS Percentage: 0.00123

EPSS Percentile: 0.32128

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/apache/openmeetings

Date and time

Published

over 2 years ago

Updated

16 days ago

API

JSON