Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-48365

🗓️ 15 Nov 2023 00:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 241 Views

Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests

Related
Detection
Refs
Social
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2023-41265
29 Aug 202300:00
attackerkb
ATTACKERKB		CVE-2023-48365
15 Nov 202300:00
attackerkb
Circl		CVE-2023-48365
30 Nov 202308:45
circl
CISA KEV Catalog		Qlik Sense HTTP Tunneling Vulnerability
13 Jan 202500:00
cisa_kev
CISA		 CISA Adds Two Known Exploited Vulnerabilities to Catalog
13 Jan 202512:00
cisa
CNNVD		Qlik Sense Security Breach
15 Nov 202300:00
cnnvd
Cvelist		CVE-2023-48365
15 Nov 202300:00
cvelist
NCSC		Vulnerabilities fixed in QlikTech Qlik Sense Vulnerabilities fixed in QlikTech Qlik Sense
30 Nov 202300:00
ncsc
NVD		CVE-2023-48365
15 Nov 202322:15
nvd
OSV		CVE-2023-48365
15 Nov 202322:15
osv
Rows per page
NVD
Node
qlikqlik_senseMatchaugust_2022-enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_1enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_10enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_11enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_12enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_13enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_2enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_3enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_4enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_5enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_6enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_7enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_8enterprisewindows
OR
qlikqlik_senseMatchaugust_2022patch_9enterprisewindows
OR
qlikqlik_senseMatchaugust_2023-enterprisewindows
OR
qlikqlik_senseMatchaugust_2023patch_1enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022-enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_1enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_10enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_11enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_12enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_13enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_14enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_2enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_3enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_4enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_5enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_6enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_7enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_8enterprisewindows
OR
qlikqlik_senseMatchfebruary_2022patch_9enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023-enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_1enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_2enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_3enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_4enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_5enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_6enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_7enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_8enterprisewindows
OR
qlikqlik_senseMatchfebruary_2023patch_9enterprisewindows
OR
qlikqlik_senseMatchmay_2022-enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_1enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_10enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_11enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_12enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_13enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_14enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_15enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_2enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_3enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_4enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_5enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_6enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_7enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_8enterprisewindows
OR
qlikqlik_senseMatchmay_2022patch_9enterprisewindows
OR
qlikqlik_senseMatchmay_2023-enterprisewindows
OR
qlikqlik_senseMatchmay_2023patch_1enterprisewindows
OR
qlikqlik_senseMatchmay_2023patch_2enterprisewindows
OR
qlikqlik_senseMatchmay_2023patch_3enterprisewindows
OR
qlikqlik_senseMatchmay_2023patch_4enterprisewindows
OR
qlikqlik_senseMatchmay_2023patch_5enterprisewindows
OR
qlikqlik_senseMatchnovember_2021-enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_1enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_10enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_11enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_12enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_13enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_14enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_15enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_16enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_2enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_3enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_4enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_5enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_6enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_7enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_8enterprisewindows
OR
qlikqlik_senseMatchnovember_2021patch_9enterprisewindows
OR
qlikqlik_senseMatchnovember_2022-enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_1enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_10enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_11enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_2enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_3enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_4enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_5enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_6enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_7enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_8enterprisewindows
OR
qlikqlik_senseMatchnovember_2022patch_9enterprisewindows

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
31 Oct 2025 14:38Current
9.9High risk
Vulners AI Score9.9
CVSS 3.19.6 - 9.9
EPSS0.51735
SSVC
CWE-444In Wild
cve-2023-48365qlik sense enterprisewindowsremote code executionunauthenticatedqb-21683http headersprivilege escalationpatchvulnerabilitynvd
241