CVE-2023-4659

Name of the Vulnerable Software and Affected Versions Free5Gc (affected versions not specified)

Description The issue is related to a Cross-Site Request Forgery vulnerability. This vulnerability could allow an attacker to perform different actions on the platform as an administrator by changing the token value to "admin". It is also possible to perform POST, GET, and DELETE requests without any token value, enabling an unprivileged remote user to create, delete, and modify users within the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.