CVE-2023-5830

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 27, 2023

Updated: May 17, 2024

CWE ID 287

Summary

CVE-2023-5830 is a critical vulnerability affecting the ColumbiaSoft Document Locator's WebTools component, specifically the /api/authentication/login path. The Server argument can be manipulated, resulting in improper authentication. This issue allows remote attacks. Upgrading to versions 7.2 SP4 and 2021.1 resolves the problem. It is strongly advised to update the affected component, and the vulnerability has been assigned the identifier VDB-243729.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Crown Records Management

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tKj5Gx
https://www.cve.org/CVERecord?id=CVE-2023-5830
https://nvd.nist.gov/vuln/detail/CVE-2023-5830

Back to Vulnerability Database

CVE-2023-5830

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations