CVE-2023-45393

Name of the Vulnerable Software and Affected Versions GRANDING UTime Master version 9.0.7-Build:Apr 4,2023

Description The issue is related to an indirect object reference (IDOR) that allows authenticated attackers to access sensitive information. This is achieved via a crafted cookie.

Recommendations For GRANDING UTime Master version 9.0.7-Build:Apr 4,2023, consider restricting access to sensitive information until a patch is available. As a temporary workaround, avoid using crafted cookies to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.