{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T05:11:38.896","vulnerabilities":[{"cve":{"id":"CVE-2023-3971","sourceIdentifier":"secalert@redhat.com","published":"2023-10-04T15:15:12.430","lastModified":"2024-11-21T08:18:25.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise."},{"lang":"es","value":"Se encontró una falla de inyección de HTML en Controller en la configuración de la interfaz de usuario. Esta falla permite a un atacante capturar credenciales creando una página de inicio de sesión personalizada mediante la inyección de HTML, lo que resulta en un compromiso total."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-80"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_automation_controller:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.11","matchCriteriaId":"2483395B-1703-4BA1-8B89-539A48F4E696"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_automation_controller:4.4:*:*:*:*:*:*:*","matchCriteriaId":"990696A6-25A7-4E38-B39F-7E23AA7C44F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_automation_platform:2.3:*:*:*:*:*:*:*","matchCriteriaId":"B520E9D8-A080-4927-B279-F1C57D993795"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_automation_platform:2.4:*:*:*:*:*:*:*","matchCriteriaId":"05986E3C-7E5B-45C1-81B0-9D856A8FF1CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_developer:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0D7F51B9-6E83-46BC-9E4B-7DD6C748435E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_inside:1.1:*:*:*:*:*:*:*","matchCriteriaId":"4488C799-B9F7-40BC-B302-ED34149DBE15"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2023:4340","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2023:4590","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-3971","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2226965","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2023:4340","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2023:4590","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-3971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2226965","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}