{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-5913","assignerOrgId":"f81092c5-7f14-476d-80dc-24857f90be84","state":"PUBLISHED","assignerShortName":"OpenText","dateReserved":"2023-11-01T22:02:30.314Z","datePublished":"2023-11-08T16:42:31.074Z","dateUpdated":"2024-09-04T13:53:22.231Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Fortify ScanCentral DAST","vendor":"opentext","versions":[{"status":"affected","version":"21.1"},{"status":"affected","version":"21.2"},{"status":"affected","version":"21.2.1"},{"status":"affected","version":"22.1"},{"status":"affected","version":"22.1.1"},{"status":"affected","version":"22.2"},{"status":"affected","version":"23.1"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The<span style=\"background-color: rgb(255, 255, 255);\">&nbsp;vulnerability could be exploited to gain elevated privileges</span>.<p>This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.</p>"}],"value":"Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"}],"impacts":[{"descriptions":[{"lang":"en","value":"Could lead to gaining elevated privileges"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-266","description":"CWE-266 Incorrect Privilege Assignment","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"f81092c5-7f14-476d-80dc-24857f90be84","shortName":"OpenText","dateUpdated":"2023-11-08T16:42:31.074Z"},"references":[{"url":"https://portal.microfocus.com/s/article/KM000023500?language=en_US"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\n\n<a target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000023500?language=en_US\">portal.microfocus.com/s/article/KM000023500?language=en_US</a>\n\n<br>"}],"value":"\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \n\n\n"}],"source":{"discovery":"UNKNOWN"},"title":"A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:14:24.622Z"},"title":"CVE Program Container","references":[{"url":"https://portal.microfocus.com/s/article/KM000023500?language=en_US","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-266","lang":"en","description":"CWE-266 Incorrect Privilege Assignment"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-04T13:51:53.335836Z","id":"CVE-2023-5913","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-04T13:53:22.231Z"}}]}}