CVE-2023-47578

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 13, 2023

Updated: Dec 18, 2023

CWE ID 352

Summary

CVE-2023-47578 refers to a vulnerability in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. This issue exposes these devices to Cross-Site Request Forgery (CSRF) attacks due to the lack of CSRF protection in their web interfaces. An attacker could manipulate vulnerable web pages to trick users into performing unintended actions, such as making unauthorized configuration changes or initiating unintended transactions. The absence of this crucial security measure increases the risk of data theft or unauthorized device access. Organizations using these devices should apply the necessary patches or upgrades to mitigate this vulnerability and secure their networks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database