PT-2023-28086 · Empowerid · Empowerid

Nirav Patel

Publicado

2023-08-06

Atualizado

2024-05-17

CVE-2023-4177

CVSS v3.1

5.7

Média

Vetor

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions EmpowerID versions up to 7.205.0.0

Description A problem was found in the Multi-Factor Authentication Code Handler component, which can lead to information disclosure. The complexity of an attack is rather high and the exploitation is known to be difficult.

Recommendations For EmpowerID versions up to 7.205.0.0, upgrade to version 7.205.0.1 to address this issue. It is recommended to upgrade the affected Multi-Factor Authentication Code Handler component.

Correção

Insufficient Verification of Data Authenticity

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-345CWE-200

Identificadores relacionados

CVE-2023-4177

Produtos afetados

Empowerid

PT-2023-28086 · Empowerid · Empowerid

CVE-2023-4177

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8