Description

** DISPUTED ** Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat.

Remediation

References

CVE-2023-43784

Related Vulnerabilities

WordPress Plugin Post Grid, List for WordPress-Content Views Cross-Site Scripting (1.9.0)

PHP Data Processing Errors Vulnerability (CVE-2015-4147)

MySQL CVE-2017-3462 Vulnerability (CVE-2017-3462)

WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Request Forgery (2.6.1)

WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.5.5)

Severity

High

Classification

CVE-2023-43784 CWE-668 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities