How severe is CVE-2023-39155?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-39155?

This is classified as CWE-668, which is a common weakness in software security.

CVE-2023-39155

MEDIUM Year: 2023

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-668

View all →

Vulnerability Description

Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it.

CVE-2016-11006

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.

CWE-6682016

CVE-2016-11007

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.

CWE-6682016

CVE-2016-11008

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.

CWE-6682016

CVE-2016-11009

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.

CWE-6682016

CVE-2016-11010

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.

CWE-6682016

CVE-2016-5334

MEDIUM

CVSS:5.3(Medium)

VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.

CWE-6682016

CVE-2023-39155

Vulnerability Description

Related Vulnerabilities

CVE-2016-11006

CVE-2016-11007

CVE-2016-11008

CVE-2016-11009

CVE-2016-11010

CVE-2016-5334