Miggo Logo
Miggo Vulnerability Database
CVE-2023-33949

CVE-2023-33949:
Insecure Default Initialization In Liferay Portal

5.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-33949
GHSA ID
GHSA-g9mr-9xfc-4gf7
EPSS Score
0.39623%
CWE
CWE-1188
Published
5/24/2023
Updated
11/6/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
com.liferay.portal:release.portal.bommaven>= 7.0.0, < 7.3.17.3.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

In Li**r*y Port*l *.*.* *n* **rli*r, *n* Li**r*y *XP *.* *n* **rli*r t** ****ult *on*i*ur*tion *o*s not r*quir* us*rs to v*ri*y t**ir *m*il ***r*ss, w*i** *llows r*mot* *tt**k*rs to *r**t* ***ounts usin* **k* *m*il ***r*ss*s or *m*il ***r*ss*s w*i**

Reasoning

No *n*lysis *v*il**l*