CVE-2023-4198

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 1, 2023

Updated: Nov 8, 2023

CWE ID 119

Summary

CVE-2023-4198 is a newly discovered access control vulnerability in Dolibarr ERP CRM versions up to 17.0.3. This issue permits an authenticated, yet unauthorized user to gain unintended access to a customer database table, potentially exposing sensitive data. The vulnerability arises from the application's failure to enforce proper access control measures, putting customer information at risk. Dolibarr users are advised to upgrade to a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tIxt6N
https://www.cve.org/CVERecord?id=CVE-2023-4198
https://nvd.nist.gov/vuln/detail/CVE-2023-4198

Back to Vulnerability Database

CVE-2023-4198

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations