Skip to main content

Admin Classic Bundle CVE-2023-5844

HIGH
Unverified Password Change (CWE-620)
2023-10-30 security@huntr.dev
7.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 30, 2023 - 11:15 nvd
HIGH 7.2

DescriptionNVD

Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.

AnalysisAI

Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-620. Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. Affected products include: Pimcore Admin Classic Bundle. Version information: prior to 1.2.0..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-25625 CRITICAL POC
9.3 Feb 19

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Rated critical severity (CVSS 9.3), this vulnerability

CVE-2024-23646 HIGH POC
8.8 Jan 24

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Rated high severity (CVSS 8.8), this vulne

CVE-2024-23648 HIGH POC
8.8 Jan 24

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Rated high severity (CVSS 8.8), this vulne

CVE-2024-41109 MEDIUM POC
6.5 Jul 30

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Rated medium severity (CVSS 6.5), this vul

CVE-2023-47636 MEDIUM POC
5.3 Nov 15

The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Rated medium severity (CVSS 5.3), this vulnerability

CVE-2024-24822 CRITICAL
9.1 Feb 07

Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Rated critical severity (CVSS 9.1), this v

CVE-2026-23495 MEDIUM POC
4.3 Jan 15

Pimcore Admin Classic Bundle versions prior to 2.2.3 and 1.7.16 fail to enforce proper authorization on the Predefined P

CVE-2023-49075 HIGH
7.2 Nov 28

The Admin Classic Bundle provides a Backend UI for Pimcore. Rated high severity (CVSS 7.2), this vulnerability is remote

CVE-2023-46722 MEDIUM
6.1 Oct 31

The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Rated medium severity (CVSS 6.1), this vulnerability

CVE-2023-37280 MEDIUM
6.1 Jul 11

Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. Rated medium severity (CVSS

CVE-2023-42817 MEDIUM
5.4 Sep 25

Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. Rated medium severity (CVSS 5.4), this vulnerability

CVE-2025-30166 LOW
1.8 Apr 08

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Rated low severity (CVSS 1.8), this vulnerability is r

Share

CVE-2023-5844 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy