CVE-2023-3336

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 5, 2023

Updated: Jul 10, 2023

CWE ID 89

Summary

CVE-2023-3336 is a vulnerability affecting TN-5900 Series versions 3.3 and prior. This issue permits user enumeration through the web login page during password recovery, potentially revealing valid usernames. An attacker could exploit this vulnerability to conduct targeted brute force attacks against valid users. The vulnerability poses a significant risk to system security and requires immediate remediation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ASSA ABLOY AB

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sOfDH2
https://www.cve.org/CVERecord?id=CVE-2023-3336
https://nvd.nist.gov/vuln/detail/CVE-2023-3336

Back to Vulnerability Database

CVE-2023-3336

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations