CVE-2023-34240

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 27, 2023

Updated: Jul 6, 2023

CWE ID 521

Summary

CVE-2023-34240 affects Cloudexplorer-lite, an open source cloud software stack. The vulnerability lies in the lack of enforced strong passwords, making weak ones susceptible to guessing and brute force attacks. These attacks can cause an authentication failure, potentially compromising system security. Prior to version 1.2.0, Cloudexplorer-lite did not enforce strong passwords. To mitigate this issue, users are urged to upgrade to the latest version, as no known workarounds exist.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ry5uBH
https://www.cve.org/CVERecord?id=CVE-2023-34240
https://nvd.nist.gov/vuln/detail/CVE-2023-34240

Back to Vulnerability Database

CVE-2023-34240

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations