CVE-2023-45659

CVSS 3.1 Score 2.8 of 10 (low)

Details

Published Oct 17, 2023

Updated: Oct 30, 2023

CWE ID 613

Summary

CVE-2023-45659 is a vulnerability affecting Engelsystem, a shift planning system for chaos events. If an attacker gains unauthorized access to a user account through compromised credentials, the attacker's session persists even after the user's password is reset. This issue was addressed in commit `dbb089315ff3d`, and users are strongly encouraged to install the latest update. Unfortunately, there are currently no known workarounds for this flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Engelsystem

Affected Vendors

Engelsystem

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s9Nkgv
https://www.cve.org/CVERecord?id=CVE-2023-45659
https://nvd.nist.gov/vuln/detail/CVE-2023-45659

Back to Vulnerability Database