CVE-2023-43208

CRITICAL

CVSS v3

9.8

CRITICAL

EPSS Score

94.4%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679.

Technical Details

Published
10/26/2023

Frequently Asked Questions

What is CVE-2023-43208?

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679.

Is CVE-2023-43208 actively exploited?

Active exploitation of CVE-2023-43208 has not been confirmed. The EPSS score is 94.4%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2023-43208?

CVE-2023-43208 has a CVSS v3 base score of 9.8 (CRITICAL severity).

Is CVE-2023-43208 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.