CVE-2023-47327: 
Java vulnerability analysis and mitigation

The CVE-2023-47327 vulnerability affects Silverpeas Core 6.3.1 and earlier versions. This security flaw involves a broken access control issue in the "Create a Space" feature, which is intended to be restricted to administrators only. The vulnerability was discovered and disclosed in late 2023, with a fix released in version 6.3.2 (Rhino Labs, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 4.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. The technical issue stems from improper access control implementation in the space creation functionality, where the application fails to properly validate user permissions when accessing the space creation URL (NVD).

When exploited, this vulnerability allows any authenticated user to bypass administrative restrictions and create spaces within the Silverpeas Core platform, effectively circumventing the intended access control mechanisms. This could lead to unauthorized space creation and potential organizational structure disruption (Rhino Labs).

The vulnerability has been fixed in Silverpeas Core version 6.3.2. Organizations using affected versions should upgrade to this or later versions to address the security issue (NVD).