CVE-2023-30950

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Aug 3, 2023

Updated: Nov 7, 2023

CWE ID 862

CWE ID 290

Summary

CVE-2023-30950 is a newly identified vulnerability affecting the Foundry Campaigns service. This issue allows unauthenticated actors to gain access to sensitive information through a flaw in a REST endpoint. Attackers can exploit this vulnerability by sending specially crafted requests to the endpoint, potentially leading to the leakage of confidential data. The exact nature and extent of the data exposed are still under investigation. Organizations using the Foundry Campaigns service are urged to apply the necessary patches or workarounds to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ryX0CK
https://www.cve.org/CVERecord?id=CVE-2023-30950
https://nvd.nist.gov/vuln/detail/CVE-2023-30950

Back to Vulnerability Database

CVE-2023-30950

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations