Lucene search

[email protected]NVD:CVE-2023-6724

HistoryFeb 09, 2024 - 1:15 p.m.

CVE-2023-6724

2024-02-0913:15:41

CWE-639

[email protected]

web.nvd.nist.gov

authorization bypass

user-controlled key

software engineering consultancy machine equipment limited company

authentication abuse

ios

android

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

19.3%

JSON

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0.

Affected configurations

Nvd

Node

simgeselhearing_tracking_systemRange≤1.0android

simgeselhearing_tracking_systemRange<7.0iphone_os

VendorProductVersionCPE
simgeselhearing_tracking_system*cpe:2.3:a:simgesel:hearing_tracking_system:*:*:*:*:*:android:*:*
simgeselhearing_tracking_system*cpe:2.3:a:simgesel:hearing_tracking_system:*:*:*:*:*:iphone_os:*:*

Vendor	Product	Version	CPE
simgesel	hearing_tracking_system	*	cpe:2.3:a:simgesel:hearing_tracking_system::::::android::*
simgesel	hearing_tracking_system	*	cpe:2.3:a:simgesel:hearing_tracking_system::::::iphone_os::*

References

www.usom.gov.tr/bildirim/tr-24-0099

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

19.3%

JSON

Related for NVD:CVE-2023-6724

prion1 cvelist1 cve1