CVE-2023-43291
First published: Wed Sep 27 2023(Updated: )
Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to execute arbitrary code via the cache.php component.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Emlog Emlog | <=2.1.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-43291.
What is the severity of CVE-2023-43291?
The severity of CVE-2023-43291 is critical with a CVSS score of 9.8.
How does the vulnerability CVE-2023-43291 occur?
The vulnerability CVE-2023-43291 occurs due to deserialization of untrusted data in emlog pro v.2.1.15 and earlier.
What is the impact of CVE-2023-43291?
The impact of CVE-2023-43291 is that it allows a remote attacker to execute arbitrary code via the cache.php component.
How can I fix CVE-2023-43291?
To fix CVE-2023-43291, it is recommended to update emlog pro to version 2.1.16 or later.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/emlog
- canonical/emlog emlog
- version/emlog emlog/2.1.15