7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-48848

GHSA ID

GHSA-9vfc-qxc8-wrpq

EPSS Score

0.26669%

CWE

CWE-22

Published

11/28/2023

Updated

10/15/2024

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-48848

CVE-2023-48848: ureport arbitrary file read vulnerability

An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path.

(GitHub Advisory)

7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-48848

GHSA ID

GHSA-9vfc-qxc8-wrpq

EPSS Score

0.26669%

CWE

CWE-22

Published

11/28/2023

Updated

10/15/2024

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.bstek.ureport:ureport2-core	maven	<= 2.2.9

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

*n *r*itr*ry *il* r*** vuln*r**ility in ur*port v*.*.* *llows * r*mot* *tt**k*r to *r*itr*rily r*** *il*s on t** s*rv*r *y ins*rtin* * *r**t** p*t*.

Reasoning

No *n*lysis *v*il**l*

7.5

Basic Information

Concerned about an active attack path?

CVE-2023-48848: ureport arbitrary file read vulnerability

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI