exploitDog

CVE-2023-6724

Опубликовано: 09 фев. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0.

Ссылки

https://www.usom.gov.tr/bildirim/tr-24-0099
Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-24-0099
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:simgesel:hearing_tracking_system:*:*:*:*:*:android:*:*

Версия до 1.0 (включая)

cpe:2.3:a:simgesel:hearing_tracking_system:*:*:*:*:*:iphone_os:*:*

Версия до 7.0 (исключая)

EPSS

Процентиль: 11%

0.00037

Низкий

8.8 High

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-63q7-72w2-qvvv

CVSS3: 8.8

github

почти 2 года назад

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0.

EPSS

Процентиль: 11%

0.00037

Низкий

8.8 High

CVSS3

Дефекты

CWE-639