CVE-2023-2881 MEDIUM

CVE-2023-2881: Storing Passwords in a Recoverable Format in pimcore/customer-data-framework

Vendor Pimcore
Product pimcore/customer-data-framework
Weakness CWE-257
Published May 25, 2023
Last update January 16, 2025

CVSS base score

6.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H

What the vulnerability does

01Description

Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.

Key dates

02Disclosure timeline

May 25, 2023 CVE published
January 16, 2025 Record updated