CVE-2024-38002
📊 9.0 CRITICAL⚡ 0.9%🎯 0 exploits
📅 Published Oct 22, 2024
📋 Status: Modified
The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92 and 7.3 GA through update 36 does not properly check user permissions before updating a workflow definition, which allows remote authenticated users to modify workflow definitions and execute arbitrary code (RCE) via the headless API.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
135 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | liferay | digital experience platform | ≥ 2023.q3.1 ∧ < 2023.q3.9 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:* |
📱App | liferay | digital experience platform | ≥ 2023.q4.0 ∧ < 2023.q4.6 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update10:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update11:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update12:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update13:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update14:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update15:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update16:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update17:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update18:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update19:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update20:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update21:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update22:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update23:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update24:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update25:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update26:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update27:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update28:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update29:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update30:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update31:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update33:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update34:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update35:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update36:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update4:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update5:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update6:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update7:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update8:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.3 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.3:update9:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update10:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update11:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update12:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update13:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update14:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update15:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update16:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update17:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update18:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update19:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update20:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update22:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update23:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update24:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update25:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update26:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update27:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update28:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update29:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update30:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update31:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update32:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update33:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update9:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:* |
📱App | liferay | digital experience platform | 7.4 | Vulnerable | cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:* |
📱App | liferay | liferay portal | ≥ 7.3.2 ∧ ≤ 7.3.7 | Vulnerable | cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:* |
📱App | liferay | liferay portal | ≥ 7.4.0 ∧ < 7.4.3.112 | Vulnerable | cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: ≥ 2023.q3.1 ∧ < 2023.q3.9
CPE:
cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 2023.q4.0 ∧ < 2023.q4.6
CPE:
cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_1:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:service_pack_3:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update10:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update11:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update12:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update13:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update14:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update15:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update16:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update17:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update18:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update19:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update20:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update21:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update22:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update23:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update24:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update25:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update26:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update27:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update28:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update29:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update30:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update31:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update32:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update33:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update34:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update35:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update36:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update4:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update5:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update6:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update7:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update8:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.3
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.3:update9:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update10:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update11:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update12:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update13:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update14:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update15:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update16:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update17:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update18:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update19:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update2:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update20:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update22:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update23:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update24:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update25:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update26:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update27:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update28:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update29:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update3:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update30:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update31:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update32:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update33:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update35:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update37:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update38:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update39:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update4:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update40:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update41:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update42:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update43:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update44:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update45:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update46:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update47:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update49:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update5:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update51:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update52:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update53:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update54:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update55:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update56:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update57:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update58:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update59:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update6:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update60:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update61:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update63:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update64:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update65:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update66:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update67:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update68:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update69:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update7:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update70:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update71:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update72:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update73:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update74:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update75:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update77:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update78:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update79:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update8:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update80:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update81:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update82:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update83:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update84:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update85:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update86:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update87:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update88:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update89:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update9:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update90:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update91:*:*:*:*:*:*
📱
VulnerableApplication
Version: 7.4
CPE:
cpe:2.3:a:liferay:digital_experience_platform:7.4:update92:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 7.3.2 ∧ ≤ 7.3.7
CPE:
cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 7.4.0 ∧ < 7.4.3.112
CPE:
cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*
135 products•scroll for more
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
LOW
User Interaction:
REQUIRED
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
CHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
9.0 (CRITICAL)v3.1
Source: [email protected]
EPSS Details
0.9% (Minimal)75.1th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Oct 22, 2024 (1 year ago)
Last Modified
Sep 10, 2025 (1 month ago)
Security Weaknesses2
CWE-862CWE-863
References2
NVDadvisory