Lucene search
TR-CERTCVE-2023-1462HistoryMar 21, 2023 - 9:15 a.m.
CVE-2023-1462
2023-03-2109:15:10
CWE-639
TR-CERT
web.nvd.nist.gov
28
cve-2023-1462
authorization bypass
user-controlled key
vadi corporate information systems
digikent
authentication bypass
authentication abuse
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
40.2%
Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse.Β This issue affects DigiKent: before 23.03.20.
Affected configurations
Node
vadidigikentRange<23.03.20
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "DigiKent",
"vendor": "Vadi Corporate Information Systems",
"versions": [
{
"lessThan": "23.03.20",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]References
Related
prion
prion
Authorization
2023-03-21 09:15:00
cvelist
cvelist
CVE-2023-1462 IDOR in Digikent
2023-03-21 08:16:26
nvd
nvd
CVE-2023-1462
2023-03-21 09:15:10
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
40.2%
Related for CVE-2023-1462