CVE-2023-47369

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 9, 2023
Updated: Nov 20, 2023
CWE ID 326

Summary

CVE-2023-47369 is a newly disclosed vulnerability that affects a specific software component. In this issue, the leakage of a channel access token in the best_training_member function at Line 13.6.1 enables remote attackers to send malicious notifications. The token leak exposes sensitive authentication information, providing unauthorized access to the system. Attackers can exploit this vulnerability to execute unintended actions, potentially leading to data breaches or unauthorized system modifications. Organizations using the affected software are encouraged to apply the available patch promptly to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share