CVE-2023-4509

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 18, 2024

Summary

CVE-2023-4509: An issue was discovered in an API system where after an unsuccessful login attempt, the API key is recorded in clear text within the audit log file. This vulnerability may expose the API key to potential attackers, increasing the risk of unauthorized access and data breaches. Users are strongly encouraged to apply patches or updates to address this issue promptly. Failure to do so may result in serious security consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/scEKhI
https://www.cve.org/CVERecord?id=CVE-2023-4509
https://nvd.nist.gov/vuln/detail/CVE-2023-4509

Back to Vulnerability Database

CVE-2023-4509

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations