CVE-2023-48028

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gist.github.com/bugplorer/9ae8ad7a9f2a3053ebd07a1b7b54deae", "name": "https://gist.github.com/bugplorer/9ae8ad7a9f2a3053ebd07a1b7b54deae", "tags": ["Broken Link"], "refsource": ""}, {"url": "https://nitipoom-jar.github.io/CVE-2023-48028/", "name": "https://nitipoom-jar.github.io/CVE-2023-48028/", "tags": ["Exploit"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-307"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-48028", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2023-11-18T00:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:kodcloud:kodbox:1.46.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-11-25T02:14Z"}