CVE-2023-21407

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 3, 2023

Updated: Aug 7, 2023

Summary

CVE-2023-21407 is a newly identified vulnerability that grants attackers unauthorized privileged escalation to the operator account, enabling them to gain administrator privileges (NIST). By exploiting the broken access control, cybercriminals can bypass security restrictions and execute commands with elevated permissions, potentially leading to significant data breaches or system disruptions. The vulnerability poses a serious threat to organizations that have not yet addressed this issue, making it essential to apply the available patches or mitigations promptly. (Summary written without directly quoting the provided text)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sNN6sv
https://www.cve.org/CVERecord?id=CVE-2023-21407
https://nvd.nist.gov/vuln/detail/CVE-2023-21407

Back to Vulnerability Database

CVE-2023-21407

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations