VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-8ytn-qf7f-yfbf

Essentials
Severities (15)
References (5)
Severity details (13)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-8ytn-qf7f-yfbf
Aliases	CVE-2023-5591 GHSA-mr6h-7x2m-rgmq
Summary	SQL Injection in GitHub repository librenms/librenms prior to 23.10.0.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2023-5591
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2023-5591
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-mr6h-7x2m-rgmq
cvssv3.1	7.8	https://github.com/librenms/librenms
generic_textual	HIGH	https://github.com/librenms/librenms
cvssv3	7.8	https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e
cvssv3.1	7.8	https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e
generic_textual	HIGH	https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e
ssvc	Track	https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e
cvssv3	7.8	https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090
cvssv3.1	7.8	https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090
generic_textual	HIGH	https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090
ssvc	Track	https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090
cvssv3.1	7.8	https://nvd.nist.gov/vuln/detail/CVE-2023-5591
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2023-5591

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2023-5591
		https://nvd.nist.gov/vuln/detail/CVE-2023-5591
54813d42-5b93-440e-b9b1-c179d2cbf090		https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090
908aef65967ce6184bdc587fd105660d5d55129e		https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e
GHSA-mr6h-7x2m-rgmq		https://github.com/advisories/GHSA-mr6h-7x2m-rgmq

No exploits are available.

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/librenms/librenms

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T17:15:06Z/ Found at https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T17:15:06Z/ Found at https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-5591

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.31341
EPSS Score	0.00125
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T17:21:49.293364+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2023/5xxx/CVE-2023-5591.json	38.6.0