CVE-2023-45798
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Yettiesoft | VestCert | 2.3.6 <= 2.5.29 | affected |
Weaknesses
- CWE-829: CWE-829 Inclusion of Functionality from Untrusted Control Sphere
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.