CVE-2023-49262

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 12, 2024

Updated: Jan 19, 2024

CWE ID 287

Summary

CVE-2023-49262 is a vulnerability affecting an authentication mechanism. An attacker can exploit this issue by overflowing the value of the "authentication" cookie during an active user session. This allows the attacker to bypass the authentication process and gain unauthorized access to protected resources. The vulnerability poses a significant risk to systems and applications where this authentication method is in use. Organizations are strongly encouraged to apply the available patch or mitigation measures to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ti7Qh8
https://www.cve.org/CVERecord?id=CVE-2023-49262
https://nvd.nist.gov/vuln/detail/CVE-2023-49262

Back to Vulnerability Database

CVE-2023-49262

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations