CVE-2023-0392

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Nov 8, 2023
Updated: Nov 16, 2023
CWE ID 428

Summary

CVE-2023-0392 is an vulnerability affecting the LDAP Agent Update service. Versions prior to 5.18 contain an unquoted path in their configuration, making them susceptible to arbitrary code execution attacks. An attacker could exploit this vulnerability by crafting a specially crafted input, potentially leading to serious security implications. It is strongly advised that affected systems be updated to the latest version as soon as possible to mitigate this risk. This issue underscores the importance of proper input validation and secure configurations to protect against potential cyber threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share