CVE-2023-28345
CVSS 3.1 Score 4.6 of 10 (medium)
Details
Published May 31, 2023
Updated: Jan 14, 2025
CWE ID 312
Summary
CVE-2023-28345 is a vulnerability affecting Faronics Insight 10.0.19045 on Windows. The Teacher Console application inadvertently discloses the Console password in plaintext through a local API endpoint. An attacker with access to the Teacher Console can easily exploit this by opening a web browser and navigating to the vulnerable endpoint, thereby obtaining the teacher's password. This poses a significant risk, as attackers can then log into the Teacher Console and potentially launch attacks on student machines.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share