CVE-2023-45674

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 14, 2023

Updated: Oct 18, 2023

CWE ID 89

Summary

CVE-2023-45674 is an SQL injection vulnerability affecting the Farmbot-Web-App, a control interface for the Farmbot farm automation platform. The flaw allows authenticated attackers to extract sensitive data, such as user information, from the system's database. The vulnerability poses a risk of Information Disclosure and has been addressed in version 15.8.4. It is strongly recommended that users upgrade to this version as soon as possible. At present, there are no known workarounds for this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s9Ng8p
https://www.cve.org/CVERecord?id=CVE-2023-45674
https://nvd.nist.gov/vuln/detail/CVE-2023-45674

Back to Vulnerability Database

CVE-2023-45674

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations