CVE-2023-47458

CRITICAL

bladex springblade < 3.7.0 - Missing Authorization

Title source: llm
STIX 2.1

Description

An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework.

Scores

CVSS v3 9.8
EPSS 0.0078
EPSS Percentile 51.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-862
Status published
Products (1)
bladex/springblade < 3.7.0
Published Jan 02, 2024
Tracked Since Feb 18, 2026