PT-2023-31383 · Brainstorm Force · Astra Pro

Rafie Muhammad

Published

2023-12-29

Updated

2024-01-05

CVE-2023-49830

CVSS v3.1

9.9

Critical

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Astra Pro versions 4.3.1 and earlier

Description The issue is related to an Improper Control of Generation of Code ('Code Injection') vulnerability. This vulnerability affects Brainstorm Force Astra Pro, allowing for code injection.

Recommendations For versions 4.3.1 and earlier, update to a version later than 4.3.1 to resolve the issue. At the moment, there is no information about additional mitigation measures.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2023-49830

Affected Products

Astra Pro

PT-2023-31383 · Brainstorm Force · Astra Pro

CVE-2023-49830

Weakness Enumeration

Related Identifiers

Affected Products

References · 6