Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

insufficient evidence to determine vulnerabillty CVE-2023-33517 #11

Open
zmanion opened this issue Oct 30, 2023 · 0 comments
Open

insufficient evidence to determine vulnerabillty CVE-2023-33517 #11

zmanion opened this issue Oct 30, 2023 · 0 comments
Labels
CNA rules

Comments

@zmanion
Copy link
Owner

zmanion commented Oct 30, 2023

CVE-2023-33517 probably should not meet the requirement for "sufficient evidence" of a vulnerability. Check the vulnerability determination rules section.

Description:
"carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System)."

References:
https://gist.github.com/wushigudan/288ab32566615d8897c1da7ce7204838

Contents of that gist:

[CVE ID]
CVE-2023-33517
[PRODUCT]
carRental v1.0
[IVERSION]
v1.0
[PROBLEM TYPE]
Incorrect Access Control
[DESCRIPTION]
Arbitrary File Read on Back-end System

(This may be the affected Product: https://github.com/yeqifu/carRental)
@zmanion zmanion changed the title insufficient evidence to determin vulnerabillty CVE-2023-33517 insufficient evidence to determine vulnerabillty CVE-2023-33517 Nov 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
CNA rules
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zmanion