CVE-2023-41261

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 12, 2023

Updated: Oct 16, 2023

CWE ID 287

Summary

CVE-2023-41261 is a vulnerability affecting the Plixer Scrutinizer before version 19.3.1. The issue lies in the /fcgi/scrut_fcgi.fcgi file, specifically the csvExportReport endpoint action named generateCSV. This vulnerability permits unauthenticated users to export reports and access their results, posing a significant security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Plixer Scrutinizer

Affected Vendors

Plixer International

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sdWuI6
https://www.cve.org/CVERecord?id=CVE-2023-41261
https://nvd.nist.gov/vuln/detail/CVE-2023-41261

Back to Vulnerability Database