PT-2023-28086 · Empowerid · Empowerid
Nirav Patel
·
Published
2023-08-06
·
Updated
2024-05-17
·
CVE-2023-4177
CVSS v3.1
5.7
Medium
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
EmpowerID versions up to 7.205.0.0
Description
A problem was found in the Multi-Factor Authentication Code Handler component, which can lead to information disclosure. The complexity of an attack is rather high and the exploitation is known to be difficult.
Recommendations
For EmpowerID versions up to 7.205.0.0, upgrade to version 7.205.0.1 to address this issue. It is recommended to upgrade the affected Multi-Factor Authentication Code Handler component.
Fix
Insufficient Verification of Data Authenticity
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Empowerid