CVE-2023-4384

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 16, 2023

Updated: May 17, 2024

CWE ID 284

Summary

CVE-2023-4384 is a newly disclosed vulnerability affecting MaximaTech Portal Executivo 21.9.1.140. This issue lies within the Cookie Handler component and is classified as problematic. The manipulation of this vulnerability results in missing encryption of sensitive data, potentially allowing unauthorized access. An attacker can initiate the vulnerability remotely, but the exploitation process is quite complex and difficult. The exploit has been made public, increasing the risk of potential attacks. Vendor contact was made regarding this disclosure, but they have not responded. (VDB-237316)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/syYHXW
https://www.cve.org/CVERecord?id=CVE-2023-4384
https://nvd.nist.gov/vuln/detail/CVE-2023-4384

Back to Vulnerability Database

CVE-2023-4384

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations