{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23591", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T10:35:33.584Z", "dateReserved": "2023-01-15T00:00:00", "datePublished": "2023-04-12T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-04-12T00:00:00"}, "descriptions": [{"lang": "en", "value": "The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. The fixed versions are 8.2.18.7, 8.2.18.2.2, 8.3.11.1, and 8.3.14.1."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://docs.terminalfour.com/articles/release-notes-highlights/"}, {"url": "https://docs.terminalfour.com/release-notes/83/15.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:35:33.584Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.terminalfour.com/articles/release-notes-highlights/", "tags": ["x_transferred"]}, {"url": "https://docs.terminalfour.com/release-notes/83/15.html", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*", "matchCriteriaId": "E79944D6-E8B2-4EBC-AF75-6120239DB488", "versionEndExcluding": "8.2.18.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*", "matchCriteriaId": "C308F327-0943-448E-96AA-0708C2C7BA19", "versionEndExcluding": "8.2.18.7", "versionStartIncluding": "8.2.18.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*", "matchCriteriaId": "903E401B-B503-4692-A37E-1B5E6F8B0456", "versionEndExcluding": "8.3.11.1", "versionStartIncluding": "8.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0C42AEF-3566-490F-A5BE-D3FC0A931DC1", "versionEndExcluding": "8.3.14.1", "versionStartIncluding": "8.3.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. The fixed versions are 8.2.18.7, 8.2.18.2.2, 8.3.11.1, and 8.3.14.1."}], "id": "CVE-2023-23591", "lastModified": "2024-11-21T07:46:29.657", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-04-12T14:15:07.687", "references": [{"source": "[email protected]", "tags": ["Release Notes"], "url": "https://docs.terminalfour.com/articles/release-notes-highlights/"}, {"source": "[email protected]", "tags": ["Release Notes"], "url": "https://docs.terminalfour.com/release-notes/83/15.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.terminalfour.com/articles/release-notes-highlights/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.terminalfour.com/release-notes/83/15.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}

{}