CVE-2023-5328

Name of the Vulnerable Software and Affected Versions SATO CL4NX-J Plus version 1.13.2-u455 r2

Description A critical issue has been found in the Cookie Handler component, allowing for improper authentication when the input auth=user,level1,settings; web=true is manipulated. This requires access to the local network. The issue has been publicly disclosed and may be exploited.

Recommendations For SATO CL4NX-J Plus version 1.13.2-u455 r2, as a temporary workaround, consider restricting access to the Cookie Handler component until a patch is available. Avoid using the input auth=user,level1,settings; web=true in the affected system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.