CVE-2023-39016

bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument.
References
Link Resource
https://gitee.com/bboss/bboss/issues/I7MH08 Exploit Issue Tracking Third Party Advisory
https://gitee.com/bboss/bboss/issues/I7MH08 Exploit Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:bbossgroups:bboss:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:14

Type Values Removed Values Added
Summary
  • (es) Se descubrió que bboss-persistent v6.0.9 y versiones anteriores contenían una vulnerabilidad de inyección de código en el componente com.frameworkset.common.poolman.util.SQLManager.createPool. Esta vulnerabilidad se explota pasando un argumento no verificado.
References () https://gitee.com/bboss/bboss/issues/I7MH08 - Exploit, Issue Tracking, Third Party Advisory () https://gitee.com/bboss/bboss/issues/I7MH08 - Exploit, Issue Tracking, Third Party Advisory

30 Jul 2024, 14:55

Type Values Removed Values Added
CPE cpe:2.3:a:bbossgroups:bboss-persistent:*:*:*:*:*:*:*:* cpe:2.3:a:bbossgroups:bboss:*:*:*:*:*:*:*:*
First Time Bbossgroups bboss

03 Aug 2023, 18:07

Type Values Removed Values Added
CPE cpe:2.3:a:bbossgroups:bboss-persistent:*:*:*:*:*:*:*:*
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References (MISC) https://gitee.com/bboss/bboss/issues/I7MH08 - (MISC) https://gitee.com/bboss/bboss/issues/I7MH08 - Exploit, Issue Tracking, Third Party Advisory

28 Jul 2023, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-28 15:15

Updated : 2024-11-21 08:14


NVD link : CVE-2023-39016

Mitre link : CVE-2023-39016

CVE.ORG link : CVE-2023-39016


JSON object : View

Products Affected

bbossgroups

  • bboss
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')