CVE-2023-44142
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Dec 13, 2024
CWE ID 862
Summary
CVE-2023-44142 is a Missing Authorization vulnerability affecting Inactive Logout, a software component used for managing user sessions. The flaw allows unauthorized access when Inactive Logout's access control security levels are incorrectly configured. This issue can be exploited by an attacker to bypass authentication, potentially gaining unauthorized access to sensitive data or functionality. This vulnerability affects versions of Inactive Logout ranging from n/a to 3.2.2, making it crucial for users to apply the necessary patches to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share