VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-w59z-4ctd-aaak

Essentials
Severities (107)
References (30)
Severity details (22)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-w59z-4ctd-aaak
Aliases	CVE-2023-38709
Summary	Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.
Status	Published
Exploitability	0.5
Weighted Severity	6.6
Risk	3.3
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-20	Improper Input Validation
CWE-113	Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

System	Score	Found at
cvssv3	6.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00989	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00989	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.00989	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01307	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01307	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01307	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01419	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01437	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01476	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.01593	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.0347	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
epss	0.4526	https://api.first.org/data/v1/epss?cve=CVE-2023-38709
cvssv3.1	7.3	http://seclists.org/fulldisclosure/2024/Jul/18
ssvc	Track	http://seclists.org/fulldisclosure/2024/Jul/18
cvssv3.1	6.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.3	https://httpd.apache.org/security/vulnerabilities_24.html
cvssv3.1	7.5	https://httpd.apache.org/security/vulnerabilities_24.html
generic_textual	HIGH	https://httpd.apache.org/security/vulnerabilities_24.html
ssvc	Track	https://httpd.apache.org/security/vulnerabilities_24.html
cvssv3.1	7.3	https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
cvssv3.1	7.3	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
cvssv3.1	7.3	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
cvssv3.1	7.3	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
cvssv3.1	7.3	https://security.netapp.com/advisory/ntap-20240415-0013/
ssvc	Track	https://security.netapp.com/advisory/ntap-20240415-0013/
cvssv3.1	7.3	https://support.apple.com/kb/HT214119
ssvc	Track	https://support.apple.com/kb/HT214119
cvssv3.1	7.3	http://www.openwall.com/lists/oss-security/2024/04/04/3
ssvc	Track	http://www.openwall.com/lists/oss-security/2024/04/04/3

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-38709
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
		http://seclists.org/fulldisclosure/2024/Jul/18
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://httpd.apache.org/security/vulnerabilities_24.html
		https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
		https://security.netapp.com/advisory/ntap-20240415-0013/
		https://support.apple.com/kb/HT214119
		http://www.openwall.com/lists/oss-security/2024/04/04/3
1068412		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412
2273491		https://bugzilla.redhat.com/show_bug.cgi?id=2273491
CVE-2023-38709		https://httpd.apache.org/security/json/CVE-2023-38709.json
CVE-2023-38709		https://nvd.nist.gov/vuln/detail/CVE-2023-38709
GLSA-202409-31		https://security.gentoo.org/glsa/202409-31
RHSA-2024:4197		https://access.redhat.com/errata/RHSA-2024:4197
RHSA-2024:6927		https://access.redhat.com/errata/RHSA-2024:6927
RHSA-2024:6928		https://access.redhat.com/errata/RHSA-2024:6928
RHSA-2024:9306		https://access.redhat.com/errata/RHSA-2024:9306
USN-6729-1		https://usn.ubuntu.com/6729-1/
USN-6729-2		https://usn.ubuntu.com/6729-2/
USN-6729-3		https://usn.ubuntu.com/6729-3/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://seclists.org/fulldisclosure/2024/Jul/18

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at http://seclists.org/fulldisclosure/2024/Jul/18

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://httpd.apache.org/security/vulnerabilities_24.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://httpd.apache.org/security/vulnerabilities_24.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at https://httpd.apache.org/security/vulnerabilities_24.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://security.netapp.com/advisory/ntap-20240415-0013/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at https://security.netapp.com/advisory/ntap-20240415-0013/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://support.apple.com/kb/HT214119

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at https://support.apple.com/kb/HT214119

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.openwall.com/lists/oss-security/2024/04/04/3

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/ Found at http://www.openwall.com/lists/oss-security/2024/04/04/3

Exploit Prediction Scoring System (EPSS)

Percentile	0.14083
EPSS Score	0.00044
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-04-23T17:17:24.531129+00:00	NVD Importer	Import	https://nvd.nist.gov/vuln/detail/CVE-2023-38709	34.0.0rc4