What the vulnerability does
01Description
SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network
CVE-2023-39376
MEDIUM
CVE-2023-39376: SiberianCMS - CWE-284: Improper Access Control Authorized user may disable a security feature over the network
CVSS base score
6.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Key dates
02Disclosure timeline
September 26, 2023
CVE published
September 24, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2022-34453
CVE-2025-7552 Dromara Northstar Path AuthorizationInterceptor.java preHandle access control
CVE-2026-34233 CtrlPanel has Missing Authentication Checks in Datatable Admin Endpoints
CVE-2022-22190 Paragon Active Assurance Control Center: Information disclosure vulnerability in crafted URL
CVE-2023-33872
