CVE-2023-41908

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 5, 2023
Updated: Sep 8, 2023
CWE ID 862

Summary

CVE-2023-41908, also known as Missing Authorization (CWE-862), is a medium-severity vulnerability affecting the Cerebrate application before version 1.15. This vulnerability is categorized as a cyber vulnerability and has a risk score of 25. The affected products include pt15j5, pt15j4, pt15j1, pt15j0, pt15j3, pt15j2, pt15jx, pt15jw, pt15jz, pt15jy, pt15jt, pt15js, pt15jv, t0OO-h, soBxze, pt15ju, qN__bG, pt15jr, and pt15jq. The vulnerability arises from the lack of a Secure attribute for the session cookie. It has an exploitability score of 3.9 and poses a potential danger to organizations as it allows unauthorized access due to missing authorization controls. To remediate this vulnerability and mitigate the risk it poses to an organization's confidentiality impact (rated as low), it is recommended to update the Cerebrate application to version 1.15 or later.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-41908 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options