CVE-2023-43183

Опубликовано: 03 фев. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account.

Ссылки

http://seclists.org/fulldisclosure/2024/Jan/43
Exploit
Mailing List
Third Party Advisory
https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
http://seclists.org/fulldisclosure/2024/Jan/43
Exploit
Mailing List
Third Party Advisory
https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*

Версия от 15.1 (включая) до 16.0 (исключая)

EPSS

Процентиль: 30%

0.00109

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wj9m-8xm4-fx2j