CVE-2023-46641

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 7, 2023

Updated: Dec 12, 2023

CWE ID 918

Summary

CVE-2023-46641 is a Server-Side Request Forgery (SSRF) vulnerability that affects versions of the Code for Recovery 12 Step Meeting List software from n/a through 3.14.24. An attacker can exploit this weakness to issue malicious HTTP requests, potentially gaining unauthorized access to internal resources or data. The vulnerability may pose a significant risk, as it can be exploited remotely without requiring user interaction. It is essential that users of the affected versions of the Code for Recovery 12 Step Meeting List upgrade to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tIwWv4
https://www.cve.org/CVERecord?id=CVE-2023-46641
https://nvd.nist.gov/vuln/detail/CVE-2023-46641

Back to Vulnerability Database

CVE-2023-46641

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations