CVE-2023-4852

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 9, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-4852 is a critical vulnerability affecting IBOS OA 4.5.5. The issue lies in the processing of the file 'optimize' and allows for sql injection, making it susceptible to remote attacks. The exploit for this vulnerability, identified as VDB-239261, has been disclosed to the public, increasing the risk for potential exploitation. This vulnerability can result in significant data breaches or system compromises. It is recommended that affected organizations apply the necessary patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBOs

Affected Vendors

IBOs

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/soLZsh
https://www.cve.org/CVERecord?id=CVE-2023-4852
https://nvd.nist.gov/vuln/detail/CVE-2023-4852

Back to Vulnerability Database