CVE-2023-42032

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Visualware MyConnection Server (affected versions not specified)

Description This issue allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. The specific flaw exists within the doRTAAccessUPass method, which is an exposed dangerous method. An attacker can leverage this vulnerability to disclose information in the context of the application. Authentication is not required to exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-749CWE-200

Related Identifiers

BDU:2023-05515

CVE-2023-42032

ZDI-23-1398

Affected Products

Visualware Myconnection Server

CVE-2023-42032

Weakness Enumeration

Related Identifiers

Affected Products

References · 7