PT-2023-24317 · Control Id · Idsecure
Published
2023-08-03
·
Updated
2023-08-07
·
CVE-2023-33369
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Control ID IDSecure versions 4.7.26.0 and prior
Description
A path traversal issue exists, allowing attackers to delete arbitrary files on the IDSecure filesystem, causing a denial of service.
Recommendations
For Control ID IDSecure versions 4.7.26.0 and prior, consider restricting access to sensitive filesystem areas until a patch is available.
As a temporary workaround, limit the ability to delete files on the IDSecure filesystem to minimize the risk of exploitation.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Idsecure