CVE-2023-42480

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 14, 2023
Updated: Nov 20, 2023
CWE ID 307

Summary

CVE-2023-42480 is a vulnerability affecting the NetWeaver AS Java Logon application version 7.50. An unauthenticated attacker can exploit this weakness to engage in brute force attacks, successfully identifying legitimate user IDs. This breach primarily poses a risk to data confidentiality, with no reported impact on integrity or availability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share