Lucene search
K

5 matches found

OSV
OSV
added 2023/11/28 9:15 p.m.4 views

CVE-2023-29062

The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. This is possible through the use of LLMNR, MBT-NS, or MDNS and will result in NTLMv2 hashes...

3.8CVSS5.8AI score0.00297EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/28 8:34 p.m.22 views

CVE-2023-29062 Unsecure Identity Verification

The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. This is possible through the use of LLMNR, MBT-NS, or MDNS and will result in NTLMv2 hashes...

3.8CVSS4.6AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2023/11/28 8:34 p.m.40 views

CVE-2023-29062

CVE-2023-29062 describes a vulnerability in the OS hosting BD FACSChorus where user credentials may be transmitted as NTLMv2 hashes via LLMNR, MBT-NS, or MDNS, if the identity of requested resources is not adequately validated. Affected products are BD FACSChorus software and workstations (versio...

3.8CVSS4.4AI score0.00297EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/28 12:0 a.m.5 views

PT-2023-22119 · Unknown · Operating System

Name of the Vulnerable Software and Affected Versions: Operating System affected versions not specified Description: The issue arises when the Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials without properly validating the identit...

3.8CVSS4.1AI score0.00297EPSS
Exploits0References5
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.27 views

MS15-027: Vulnerability in NETLOGON could allow spoofing: March 10, 2015

MS15-027: Vulnerability in NETLOGON could allow spoofing: March 10, 2015 Summary This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow spoofing if an attacker who is logged on to a domain-joined system runs a specially crafted application that...

6.3AI score
Exploits0
Rows per page
Query Builder