CVE-2023-4472

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 1, 2024

Updated: Feb 9, 2024

CWE ID 335

Summary

CVE-2023-4472 is a vulnerability affecting Objectplanet Opinio version 7.22 and older. The issue stems from the use of a cryptographically weak pseudo-random number generator (PRNG) in combination with a predictable seed. This weakness could be exploited by unauthenticated attackers to conduct account takeovers of any user on the application. This vulnerability poses a significant risk and underlines the importance of regularly updating software components to mitigate potential security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Objectplanet Opinio

Affected Vendors

Objectplanet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sauE4h
https://www.cve.org/CVERecord?id=CVE-2023-4472
https://nvd.nist.gov/vuln/detail/CVE-2023-4472

Back to Vulnerability Database