CVSS 3.1 Score 6.5 of 10 (medium)


Published Oct 26, 2023
Updated: Nov 7, 2023
CWE ID 284


CVE-2023-45228 is a vulnerability that affects an application, leading to improper access control when editing users. This vulnerability allows a user with read permissions to manipulate users, passwords, and permissions through a single HTTP POST request with modified parameters. The base severity of this vulnerability is rated as MEDIUM, with a score of 6.5. The potential danger it poses to an organization includes high integrity impact but no confidentiality impact. To remediate this vulnerability, proper access control measures need to be implemented.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45228 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options