CVE-2023-48383

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 15, 2024

Updated: Jan 22, 2024

CWE ID 22

Summary

CVE-2023-48383 is a newly disclosed vulnerability affecting NetVision's airPASS system. The issue involves a path traversal weakness in a specific URL's parameter. An unauthenticated attacker can exploit this vulnerability to bypass authentication and gain unauthorized access to download system files, potentially leading to sensitive data exposure or system compromise. This vulnerability poses a significant risk to organizations using the affected product and requires immediate attention and patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Netvision

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tbiYsL
https://www.cve.org/CVERecord?id=CVE-2023-48383
https://nvd.nist.gov/vuln/detail/CVE-2023-48383

Back to Vulnerability Database

CVE-2023-48383

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations