CVE-2023-28346

Name of the Vulnerable Software and Affected Versions Faronics Insight version 10.0.19045

Description An issue in Faronics Insight allows a remote attacker to communicate with private API endpoints, such as "/login", "/consoleSettings", and "/console", despite Virtual Host Routing being used to block this access. This enables remote attackers to interact with private pages on the web server and perform privileged actions, including logging into the console and changing console settings, if they have valid credentials. The vulnerability is related to bypassing the authentication procedure by using an alternative path or channel when processing endpoints, which can allow a remote attacker to access, modify, or delete data by connecting to port 8890.

Recommendations For Faronics Insight version 10.0.19045, as a temporary workaround, consider restricting access to the private API endpoints, such as "/login", "/consoleSettings", and "/console", until a patch is available. Additionally, restrict access to port 8890 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.