CVE-2023-5457
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Una vulnerabilidad CWE-1269 de "Producto lanzado en configuración sin lanzamiento" en el framework web Django utilizado por la aplicación web (debido al parámetro de configuración "depuración" establecido en "Verdadero") permite que un atacante remoto no autenticado acceda a información crítica y tenga otros impactos no especificados a la confidencialidad, integridad y disponibilidad de la aplicación. Este problema afecta: Paquete AiLux imx6 inferior a la versión imx6_1.0.7-2.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-10-09 CVE Reserved
- 2024-03-05 CVE Published
- 2024-03-06 EPSS Updated
- 2024-08-23 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1269: Product Released in Non-Release Configuration
CAPEC
- CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| AiLux Search vendor "AiLux" | Imx6 Bundle Search vendor "AiLux" for product "Imx6 Bundle" | < 1.0.7-2 Search vendor "AiLux" for product "Imx6 Bundle" and version " < 1.0.7-2" | en |
Affected
| ||||||