CVE-2023-23344

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions BigFix WebUI Insights site version 14

Description A permission issue allows an authenticated, unprivileged operator to access an administrator page.

Recommendations For BigFix WebUI Insights site version 14, update to a version that fixes the permission issue to prevent unprivileged operators from accessing administrator pages.

Fix

Missing Authorization

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-276

Related Identifiers

CVE-2023-23344

Affected Products

Bigfix Webui Insights

CVE-2023-23344

Weakness Enumeration

Related Identifiers

Affected Products

References · 7