{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T07:49:44.405","vulnerabilities":[{"cve":{"id":"CVE-2023-5457","sourceIdentifier":"prodsec@nozominetworks.com","published":"2024-03-05T12:15:47.793","lastModified":"2025-04-09T20:34:52.100","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."},{"lang":"es","value":"Una vulnerabilidad CWE-1269 de \"Producto lanzado en configuración sin lanzamiento\" en el framework web Django utilizado por la aplicación web (debido al parámetro de configuración \"depuración\" establecido en \"Verdadero\") permite que un atacante remoto no autenticado acceda a información crítica y tenga otros impactos no especificados a la confidencialidad, integridad y disponibilidad de la aplicación. Este problema afecta: Paquete AiLux imx6 inferior a la versión imx6_1.0.7-2."}],"metrics":{"cvssMetricV31":[{"source":"prodsec@nozominetworks.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"prodsec@nozominetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1269"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ailux:imx6:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.7-2","matchCriteriaId":"0AC8BA0D-1588-4072-8BEA-464B1E76AF80"}]}]}],"references":[{"url":"https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-5457","source":"prodsec@nozominetworks.com","tags":["Third Party Advisory"]},{"url":"https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-5457","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}