vulnerability

Lucee: CVE-2023-38693: Lucee CVE Security Alert

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:C/I:N/A:N)	2023-09-15	2024-02-05	2025-03-06

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:N/A:N)

Published

2023-09-15

Added

2024-02-05

Modified

2025-03-06

Description

The Lucee team received a responsible disclosure for a security vulnerability which affects many previous releases of Lucee. Anyone running these older releases are advised to hotfix immediately and then make plans to upgrade to the latest 5.4.3.2 Stable Release, which includes further additional hardening, as well as updated CVE free java libraries.

Solution

lucee-upgrade-latest

References

CVE-2023-38693
https://attackerkb.com/topics/CVE-2023-38693
URL-https://dev.lucee.org/t/lucee-critical-security-alert-august-15th-2023-cve-2023-38693/12893

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today