) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
CVSS v3.1 Statistics for dotCMS LLC as of 08/14/2024
5
16
2
12
Reference
0-69.9%
|
|
Reference |
75.0
Contributor
70-94.9%
Provider
95-100%
| CVE | CNA Value | Alignment | NIST Value | Reason |
|---|---|---|---|---|
| CVE-2023-3042 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | ≠ | User Interaction (UI) Required | Internet browsing, Link clicking and/or file interaction identified | |
| Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) None | ≠ | Integrity (I) Low | Integrity impact appears non-critical | |
| Availability (A) None | Availability (A) None | |||
| CVE-2024-3938 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None |