VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-g4bx-u7nw-subv

Essentials
Severities (30)
References (12)
Severity details (11)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-g4bx-u7nw-subv
Aliases	CVE-2023-33933
Summary	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

System	Score	Found at
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2023-33933
cvssv3.1	7.5	https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
ssvc	Track	https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
cvssv3.1	7.5	https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-33933
cvssv3.1	7.5	https://www.debian.org/security/2023/dsa-5435
ssvc	Track	https://www.debian.org/security/2023/dsa-5435

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2023-33933
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933
1038248		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248
6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/
cpe:2.3:a:apache:traffic_server::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server::::::::
CVE-2023-33933		https://nvd.nist.gov/vuln/detail/CVE-2023-33933
dsa-5435		https://www.debian.org/security/2023/dsa-5435
FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/
msg00037.html		https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html
tns2b4khyyncgs5v5p9y35pobg9z2bvs		https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/ Found at https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/ Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-33933

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.debian.org/security/2023/dsa-5435

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/ Found at https://www.debian.org/security/2023/dsa-5435

Exploit Prediction Scoring System (EPSS)

Percentile	0.30625
EPSS Score	0.00113
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:40:07.752652+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2023/33xxx/CVE-2023-33933.json	37.0.0