CVE-2023-2306

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 5, 2023

Updated: Oct 10, 2023

CWE ID 22

Summary

CVE-2023-2306 is a vulnerability affecting Qognify NiceVision versions 3.1 and earlier. This issue exposes sensitive information due to the use of hard-coded credentials. An attacker can exploit this vulnerability to retrieve details about cameras, gain access to user information, and modify database records. The hard-coded credentials provide unauthorized access to the system, posing a significant security risk. Organizations using Qognify NiceVision are advised to update to a patched version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/pmxv7W
https://www.cve.org/CVERecord?id=CVE-2023-2306
https://nvd.nist.gov/vuln/detail/CVE-2023-2306

Back to Vulnerability Database

CVE-2023-2306

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations