CVE-2023-25966

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-25966 is a critical vulnerability affecting Ninja Team Filebird, where access control security levels are incorrectly configured, leading to a Missing Authorization issue. An attacker can exploit this flaw to gain unauthorized access to files, impacting versions 5.1.4 and earlier. This vulnerability can result in significant data exposure and potential unintended actions, emphasizing the importance of applying the necessary patches or updates to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share