CVE-2023-4472
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Feb 1, 2024
Updated: Feb 9, 2024
CWE ID 335
Summary
CVE-2023-4472 is a vulnerability affecting Objectplanet Opinio version 7.22 and older. The issue stems from the use of a cryptographically weak pseudo-random number generator (PRNG) in combination with a predictable seed. This weakness could be exploited by unauthenticated attackers to conduct account takeovers of any user on the application. This vulnerability poses a significant risk and underlines the importance of regularly updating software components to mitigate potential security threats.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Objectplanet Opinio
Affected Vendors
- Objectplanet