CVE-2023-7169

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 8, 2024

Updated: Feb 15, 2024

CWE ID 290

Summary

CVE-2023-7169 is a newly disclosed vulnerability affecting the Snow Inventory Agent on Windows. This Authentication Bypass vulnerability enables an attacker to bypass signature checks through spoofing, potentially gaining unauthorized access to the system. Snow Software urges customers using versions up to and including 6.14.5 to upgrade to version 7.0 to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Snow Software AB

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t9f6XZ
https://www.cve.org/CVERecord?id=CVE-2023-7169
https://nvd.nist.gov/vuln/detail/CVE-2023-7169

Back to Vulnerability Database

CVE-2023-7169

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations