CVE-2023-3971

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 4, 2023

Updated: Nov 7, 2023

CWE ID 79

CWE ID 80

Summary

CVE-2023-3971 is a newly identified vulnerability affecting the Controller in the user interface settings. This issue permits an attacker to inject malicious HTML code, leading to the creation of a fraudulent login page. By exploiting this flaw, an adversary can successfully steal user credentials, resulting in a complete system compromise. This vulnerability poses a significant risk and requires immediate attention and remediation from affected organizations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Red Hat Ansible Automation Platform

Affected Vendors

Red Hat

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sIcPk8
https://www.cve.org/CVERecord?id=CVE-2023-3971
https://nvd.nist.gov/vuln/detail/CVE-2023-3971

Back to Vulnerability Database