CVE-2023-45966

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 23, 2023

Updated: Oct 30, 2023

CWE ID 918

Summary

CVE-2023-45966 is a newly disclosed vulnerability affecting umputun's remark42 software version 1.12.1 and older. This issue presents a Blind Server-Side Request Forgery (SSRF) risk. An attacker can exploit this vulnerability to issue malicious HTTP requests, potentially gaining unauthorized access to internal resources or data on affected servers. The SSRF vulnerability can lead to system compromise or information disclosure. It is recommended that users upgrade to the latest version of remark42 to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tBy9ue
https://www.cve.org/CVERecord?id=CVE-2023-45966
https://nvd.nist.gov/vuln/detail/CVE-2023-45966

Back to Vulnerability Database

CVE-2023-45966

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations