PT-2023-30431 · Unknown · Best Training Member
Published
2023-11-09
·
Updated
2023-11-20
·
CVE-2023-47369
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
best training member version 13.6.1
Description
The issue allows remote attackers to send malicious notifications due to the leakage of channel access token in best training member.
Recommendations
For version 13.6.1, consider restricting access to the
best training member module to minimize the risk of exploitation until a patch is available.Exploit
Fix
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Best Training Member