CVE-2023-22891
First published: Wed Mar 08 2023(Updated: )
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SmartBear Zephyr Enterprise | <=7.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-22891?
CVE-2023-22891 is a privilege escalation vulnerability in SmartBear Zephyr Enterprise through version 7.15.0.
How can the privilege escalation vulnerability in SmartBear Zephyr Enterprise be exploited?
The vulnerability can be exploited by authorized users to reset passwords for other accounts.
What is the severity of CVE-2023-22891?
The severity of CVE-2023-22891 is high with a CVSS score of 8.1.
What software versions are affected by CVE-2023-22891?
SmartBear Zephyr Enterprise versions up to and including 7.15.0 are affected by CVE-2023-22891.
Is there a patch available to fix CVE-2023-22891?
Yes, SmartBear has released a patch to fix the privilege escalation vulnerability in Zephyr Enterprise.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- vendor/smartbear
- canonical/smartbear zephyr enterprise
- version/smartbear zephyr enterprise/7.15