CVE-2023-47320
HIGH
Silverpeas Core < 6.3.2 - Authenticated Denial of Service via Maintenance Mode Function
Title source: llm
Description
Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below.
References (2)
Core References
Product
http://silverpeas.com
Exploit, Third Party Advisory
https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47320
Scores
CVSS v3
8.1
EPSS
0.0074
EPSS Percentile
49.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-863
Status
published
Products (3)
org.silverpeas.core/silverpeas-core-war
0 - 6.3.2 (Maven)
org.silverpeas.core/silverpeas-core-web
0 - 6.3.2 (Maven)
silverpeas/silverpeas
< 6.3.2
Published
Dec 13, 2023
Tracked Since
Feb 18, 2026