PT-2023-30457 · Knovos · Knovos Discovery

Aleksey Vistorobskiy

Publicado

2023-11-10

Atualizado

2024-01-23

CVE-2023-47459

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Knovos Discovery version 22.67.0

Description An issue in the software allows a remote attacker to obtain sensitive information via the "/DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName" component.

Recommendations For Knovos Discovery version 22.67.0, consider restricting access to the "/DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName" component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-47459

Produtos afetados

Knovos Discovery

PT-2023-30457 · Knovos · Knovos Discovery

CVE-2023-47459

Identificadores relacionados

Produtos afetados

Referências · 8