PT-2023-30802 · Unknown · Smartstar Software Cws

Kun Xian Lin · Published 2023-12-15 · Updated 2023-12-20 · CVE-2023-48375

CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SmartStar Software CWS (affected versions not specified)

Description: The issue is missing authorization in the SmartStar Software CWS web-based integration platform. It allows users to issue commands that access data or perform actions they should not be allowed to. An authenticated user with normal privileges can exercise administrator privileges, resulting in the ability to perform arbitrary system operations or disrupt the service.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Missing Authorization

Related Identifiers: CVE-2023-48375

Affected Products: Smartstar Software Cws