CVE-2023-40670
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Dec 13, 2024
CWE ID 862
Summary
CVE-2023-40670 is a missing authorization vulnerability affecting ReviewX from versions n/a through 1.6.17. Hackers can exploit this issue by taking advantage of incorrectly configured access control security levels. Successful exploitation could lead to unauthorized access to sensitive data or unintended modifications to business critical functions within the ReviewX platform. Organizations using ReviewX are strongly advised to update to the latest version or implement additional security measures to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share