CVE-2023-43298

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 7, 2023

Updated: Dec 11, 2023

Summary

CVE-2023-43298 is a vulnerability affecting the SCOL Members Card mini-app on Line version 13.6.1. This issue allows attackers to send malicious notifications by exploiting the leakage of the channel access token. By crafting notifications, adversaries can potentially gain unauthorized access to user information or even install malware. This vulnerability poses a significant risk to Line users interacting with the SCOL Members Card mini-app and requires immediate attention from the affected parties for patching and mitigation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linecorp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/suM4v_
https://www.cve.org/CVERecord?id=CVE-2023-43298
https://nvd.nist.gov/vuln/detail/CVE-2023-43298

Back to Vulnerability Database

CVE-2023-43298

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations