CVE-2023-5456

Name of the Vulnerable Software and Affected Versions AiLux imx6 bundle versions prior to imx6 1.0.7-2

Description A CWE-798 “Use of Hard-coded Credentials” issue in the MariaDB database of the web application allows a remote unauthenticated attacker to access the database service and all included data with the same privileges as the web application.

Recommendations For AiLux imx6 bundle versions prior to imx6 1.0.7-2, update to version imx6 1.0.7-2 or later to resolve the issue. As a temporary workaround, consider restricting access to the MariaDB database to minimize the risk of exploitation.