CVE-2023-4384

Name of the Vulnerable Software and Affected Versions MaximaTech Portal Executivo version 21.9.1.140

Description A vulnerability has been found in the Cookie Handler component, leading to missing encryption of sensitive data. The attack can be initiated remotely, with a rather high complexity and difficult exploitation. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.