CVE-2023-38849

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 25, 2023
Updated: Nov 3, 2023

Summary

CVE-2023-38849: In the tire-sales Line v.13.6.1 software, a vulnerability exists that enables a remote attacker to gain unauthorized access to sensitive information by crafting a malicious GET request. This issue poses a significant risk to organizations using this software, as attackers can potentially steal confidential data without direct system access. Mitigation measures include updating to the latest version of tire-sales Line or implementing network security controls to block unauthorized GET requests. Organizations should promptly address this vulnerability to prevent potential data breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share