CVE-2023-26574

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 25, 2023
Updated: Oct 28, 2023
CWE ID 287
CWE ID 306

Summary

CVE-2023-26574 is a cyber vulnerability that affects IDAttend's IDWeb application version 3.1.052 and earlier. The vulnerability allows unauthenticated attackers to extract sensitive student data due to missing authentication in the SearchStudents method. The risk score for this vulnerability is 25, indicating a high severity level. The base score is 7.5, with a base severity of HIGH and a confidentiality impact of HIGH. The exploitability score is 3.9, suggesting that it is relatively easy for attackers to exploit this vulnerability. Remediation should involve updating the IDWeb application to a version that addresses this issue. This vulnerability poses a significant danger to organizations using the affected IDWeb application as it exposes sensitive student data to unauthorized access and potential misuse by attackers.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-26574 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options