CVE-2023-49079

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 29, 2023

Updated: Dec 5, 2023

CWE ID 347

Summary

CVE-2023-49079 is a vulnerability affecting Misskey, an open source decentralized social media platform. With this issue, attackers can bypass signature validation, enabling them to impersonate any remote user. This security flaw poses a significant risk for identity theft and data breaches. Fortunately, the vulnerability has been addressed in Misskey's latest version, 2023.11.1-beta.1. Users are strongly advised to update their platforms to protect against potential impersonation attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tgfJb2
https://www.cve.org/CVERecord?id=CVE-2023-49079
https://nvd.nist.gov/vuln/detail/CVE-2023-49079

Back to Vulnerability Database

CVE-2023-49079

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations