How severe is CVE-2023-40453?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2023-40453?

This is classified as CWE-116, which is a common weakness in software security.

CVE-2023-40453 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide crafted version data, which might potentially trick an administrator into performing an unsafe action (via escape sequence injection), or might have a data size that causes a denial of service to a bastion node. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Related Vulnerabilities

CVE-2009-4267

MEDIUM

CVSS:6.5(Medium)

The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.

CWE-1162009

CVE-2019-0857

MEDIUM

CVSS:6.5(Medium)

A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.

CWE-1162019

CVE-2019-0956

MEDIUM

CVSS:6.5(Medium)

An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint S...

CWE-1162019

CVE-2019-0971

MEDIUM

CVSS:6.5(Medium)

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, ...

CWE-1162019

CVE-2020-27604

MEDIUM

CVSS:6.5(Medium)

BigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for remote authenticated users to read the API shared secret in the bigbluebutton.properties file. With th...

CWE-1162020

CVE-2021-28662

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly oc...

CWE-1162021