How severe is CVE-2023-32168?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2023-32168?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2023-32168 - HIGH Severity | CVSS 8.8

Vulnerability Description

D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUser method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. . Was ZDI-CAN-19534.

Related Vulnerabilities

CVE-2016-1710

HIGH

CVSS:8.8(High)

The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which ...

CWE-2852016

CVE-2016-1711

HIGH

CVSS:8.8(High)

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows r...

CWE-2852016

CVE-2016-3352

HIGH

CVSS:8.8(High)

Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via...

CWE-2852016

CVE-2016-7071

HIGH

CVSS:8.8(High)

It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbi...

CWE-2852016

CVE-2016-9217

HIGH

CVSS:8.8(High)

A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. Mor...

CWE-2852016

CVE-2017-0926

HIGH

CVSS:8.8(High)

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.

CWE-2852017