CVE-2023-24605

CVSS 3.1 Score 4.2 of 10 (medium)

Details

Published May 29, 2023
Updated: Jan 14, 2025
CWE ID 862

Summary

CVE-2023-24605 is a cybersecurity vulnerability affecting OX App Suite before backend version 7.10.6-rev37. This issue permits unauthorized access to certain endpoints, such as reading data from drives, contact information, and token renaming, without two-factor authentication (2FA) enforcement. This lack of 2FA protection can expose sensitive data and potentially lead to account takeover attacks. Organizations using the affected version of OX App Suite are advised to upgrade to a patched version as soon as possible to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share