CVE-2023-45396

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 11, 2023

Updated: Nov 7, 2023

CWE ID 639

Summary

CVE-2023-45396 refers to an Insecure Direct Object Reference (IDOR) vulnerability discovered in Elenos ETG150 FM transmitters operating on version 3.12. This issue allows unauthorized users to gain access to events profiles, putting sensitive information at risk. Attackers can exploit this vulnerability to modify or delete data or even gain control over the transmitter's settings, leading to potential disruptions or misconfigurations. This vulnerability underscores the importance of regularly updating software to address security issues and limiting access to sensitive information to authorized users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8JM34
https://www.cve.org/CVERecord?id=CVE-2023-45396
https://nvd.nist.gov/vuln/detail/CVE-2023-45396

Back to Vulnerability Database

CVE-2023-45396

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations