CVE-2023-44303

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 24, 2023

Updated: Dec 1, 2023

CWE ID 522

CWE ID 310

Summary

CVE-2023-44303 is a new vulnerability affecting RVTools, Version 3.9.2 and above. This issue involves a sensitive data exposure in the password encryption utility and main application. An unauthenticated attacker can access encrypted passwords from a user's system and potentially disclose them in clear text. The root cause is an incomplete fix for a previous vulnerability, CVE-2020-27688. Users should promptly update RVTools to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s0ddhp
https://www.cve.org/CVERecord?id=CVE-2023-44303
https://nvd.nist.gov/vuln/detail/CVE-2023-44303

Back to Vulnerability Database

CVE-2023-44303

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations