CVE-2023-4304

CVSS 3.1 Score 2.7 of 10 (low)

Details

Published Aug 11, 2023
Updated: Dec 18, 2023
CWE ID 840

Summary

CVE-2023-4304 is a vulnerability categorized as CWE-840 (Business Logic Errors) in the GitHub repository froxlor/froxlor prior to versions 2.0.22 and 2.1.0. This vulnerability affects multiple products, including aZdydx, aZdydw, aZdydz, and others. The risk score for this vulnerability is 10, indicating a high level of risk to organizations. The base severity is low with a base score of 2.7, but the privileges required are high. The exploitability score is 1.2, suggesting that it is relatively easy to exploit this vulnerability remotely over the network without user interaction. The potential danger lies in the possibility of attackers exploiting business logic errors to manipulate or bypass security controls and gain unauthorized access or perform malicious activities within affected systems. It is recommended to remediate this vulnerability by updating froxlor/froxlor to version 2.0.22, 2.1.0, or a later version that addresses these logic errors.
