CVE-2023-25914

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Aug 21, 2023
Updated: Aug 24, 2023
CWE ID 22

Summary

CVE-2023-25914 is a critical vulnerability that affects the tzumDC product. It allows attackers to retrieve and read system files of the underlying server through the XML interface. The base severity score is 9.9 out of 10, indicating a high risk to organizations. The vulnerability has a low attack complexity and requires low privileges, making it easier for attackers to exploit. It poses a high impact on both integrity and confidentiality of data. To remediate this vulnerability, organizations should implement proper restrictions and access controls to prevent unauthorized access to system files through the XML interface in tzumDC.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share