← voltar
CVE-2023-33796

CVE-2023-33796

EPSS 0.7%
A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; queries for database objects would have been denied.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/anhdq201/netbox/issues/16https://github.com/netbox-community/netbox/discussions/12729#discussioncomment-6008669