CVE-2023-4448
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 21, 2023
Updated: May 17, 2024
CWE ID 400
Summary
CVE-2023-4448 is a critical vulnerability affecting OpenRapid RapidCMS 1.3.1. The issue lies in the processing of the admin/run-movepass.php file, where manipulation of the arguments password/password2 leads to weak password recovery. This vulnerability can be exploited remotely, and the exploit has already been disclosed to the public. The patch identifier is 4dff387283060961c362d50105ff8da8ea40bcbe, and it is strongly recommended to apply it to mitigate this risk. VDB-237569 is the identifier assigned to this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Red Hat OpenStack Platform
- Red Hat Enterprise Linux
- Debian
- F5 LTM
- Fedora Operating System
Affected Vendors
- Debian
- Red Hat
- Fedora Project
- Microsoft
- F5 Networks