Cyber Resilience

CVE-2023-47261

CriticalPublic PoC

Published: 14 December 2023

Published
14 December 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0272 86.2th percentile
Risk Priority 21 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-47261 is a critical-severity an unspecified weakness vulnerability in Dokmee Enterprise Content Management. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 13.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

Dokmee ECM version 7.4.6 contains a remote code execution vulnerability triggered when the server responds to a GettingStarted/SaveSQLConnectionAsync request. The response includes a connection string granting privileged access to the backend SQL Server instance, after which xp_cmdshell can be enabled to execute operating-system commands.

An unauthenticated attacker with network access to the application can issue the request, retrieve the privileged credentials, and leverage them to run arbitrary code on the database server. The flaw carries a CVSS 3.1 score of 9.8, reflecting the absence of required authentication or user interaction.

Vendor change-log entries and independent technical write-ups reference available updates that address the exposure. The associated EPSS score reached a peak of 0.0503 before receding to its current value of 0.0272, indicating a modest but observable increase in exploitation interest after disclosure.

EU & UK References

Vulnerability details

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

dokmee
enterprise content management
7.4.6

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References