Vulnerability Description
Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses, and other internal information stored within the web app.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advent | Tamale Rms | < 23.1 |
Related Weaknesses (CWE)
References
- https://cve.report/CVE-2023-33524Third Party Advisory
- https://gist.github.com/barrett092/9ed092e4b14b9145f4d046556eb9dab7Third Party Advisory
- https://www.advent.com/resources/all-resources/info-kit-tamale-rms-for-asset-ownProduct
- https://cve.report/CVE-2023-33524Third Party Advisory
- https://gist.github.com/barrett092/9ed092e4b14b9145f4d046556eb9dab7Third Party Advisory
- https://www.advent.com/resources/all-resources/info-kit-tamale-rms-for-asset-ownProduct
FAQ
What is CVE-2023-33524?
CVE-2023-33524 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses,...
How severe is CVE-2023-33524?
CVE-2023-33524 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-33524?
Check the references section above for vendor advisories and patch information. Affected products include: Advent Tamale Rms.