CVE-2023-27261
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Oct 25, 2023
Updated: Oct 28, 2023
CWE ID 287
CWE ID 306
Summary
CVE-2023-27261 is a vulnerability affecting IDAttend's IDWeb application versions 3.1.052 and earlier. This issue involves a missing authentication mechanism in the DeleteAssignments method. Consequently, unauthenticated attackers can delete data by exploiting this weakness. The potential impact includes loss of important information, leading to data breaches and potential system disruptions. Organizations running the affected software are strongly advised to apply the available patch or update as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share