How severe is CVE-2023-4595?

CVE-2023-4595 has a CVSS v3 score of 7.5 (HIGH).

CVE-2023-4595

Name: windows
Author: microsoft

7.5HIGH

An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration

Published: 11/23/2023Updated: 11/21/2024

Description

An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.

AI AnalysisPowered by AI

Affected Products

seattlelabslmail

5.5.0.4433

microsoftwindows

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-bvrp-software-slmail
Third Party Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-bvrp-software-slmail
Third Party Advisory