Vulnerability DatabaseWS-2023-0293
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0293
Published:May 15, 2026
Updated:May 15, 2026
A Broken Authentication vulnerability exists in azuracast through 0.18.5. An attacker is able to get sensitive information of Administration such as CPU stats.
Affected Packages
azuracast/azuracast (PHP):
Affected version(s) =dev-snyk-fix-522201b88ae70b5d02a44c88d89ec942 <dev-snyk-fix-d274cad45ec9812bd1860f4e02b1105f
Fix Suggestion:
Update to version dev-snyk-fix-d274cad45ec9812bd1860f4e02b1105f
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/webcast-v1 <dev-pre-1.4.0
Fix Suggestion:
Update to version dev-pre-1.4.0
azuracast/azuracast (PHP):
Affected version(s) =dev-Help-Logs <dev-Known-Issues
Fix Suggestion:
Update to version dev-Known-Issues
azuracast/azuracast (PHP):
Affected version(s) =dev-stable <dev-stale-change
Fix Suggestion:
Update to version dev-stale-change
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/yellowpages <dev-fix-#4674
Fix Suggestion:
Update to version dev-fix-#4674
azuracast/azuracast (PHP):
Affected version(s) =dev-main <dev-master
Fix Suggestion:
Update to version dev-master
azuracast/azuracast (PHP):
Affected version(s) =dev-test-turbo-drive <dev-workflow-stale
Fix Suggestion:
Update to version dev-workflow-stale
azuracast/azuracast (PHP):
Affected version(s) >=0.15.0 <0.19.0
Fix Suggestion:
Update to version 0.19.0
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/web-updater <dev-feature/whole-page-vue
Fix Suggestion:
Update to version dev-feature/whole-page-vue
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/per-record-backups <dev-feature/php-ffmpeg
Fix Suggestion:
Update to version dev-feature/php-ffmpeg
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/centrifugo <dev-feature/concurrent-sync
Fix Suggestion:
Update to version dev-feature/concurrent-sync
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/liquidsoap-2.2.x <dev-update-liquidsoap-to-66914f5-2.2.0
Fix Suggestion:
Update to version dev-update-liquidsoap-to-66914f5-2.2.0
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/acme_improvements <dev-feature/annotations
Fix Suggestion:
Update to version dev-feature/annotations
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/vue3 <dev-snyk-upgrade-12772c67afa2125861a56f90fc93e67b
Fix Suggestion:
Update to version dev-snyk-upgrade-12772c67afa2125861a56f90fc93e67b
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/master_me <dev-feature/materialize_upgrade
Fix Suggestion:
Update to version dev-feature/materialize_upgrade
azuracast/azuracast (PHP):
Affected version(s) =dev-update-to-liquidsoap-2.2.0-af6b0a9 <dev-dev-ls2.3.x
Fix Suggestion:
Update to version dev-dev-ls2.3.x
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/master_me_lv2 <dev-feature/media_meta_overhaul_2
Fix Suggestion:
Update to version dev-feature/media_meta_overhaul_2
azuracast/azuracast (PHP):
Affected version(s) =dev-feature/rr_again <dev-feature/rrule-scheduler
Fix Suggestion:
Update to version dev-feature/rrule-scheduler
Related Resources (1)
https://github.com/azuracast/azuracast/commit/1404779b1a72ccbc0bd165ce0c4d8805b6024586
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.9
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE