CVE-2023-24476

Опубликовано: 07 июн. 2023

Источник: nvd

CVSS3: 1.8

CVSS3: 3.3

EPSS Низкий

Описание

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.

Ссылки

https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13
Broken Link
https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13
Third Party Advisory
US Government Resource
https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ptc:vuforia_studio:*:*:*:*:*:*:*:*

Версия до 9.9 (исключая)

EPSS

Процентиль: 3%

0.00016

Низкий

1.8 Low

CVSS3

3.3 Low

CVSS3

Дефекты

CWE-285

NVD-CWE-noinfo

Связанные уязвимости

GHSA-3wjr-j39j-wfg8

CVSS3: 1.8

github

больше 2 лет назад

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.

EPSS

Процентиль: 3%

0.00016

Низкий

1.8 Low

CVSS3

3.3 Low

CVSS3

Дефекты

CWE-285

NVD-CWE-noinfo