CVE-2023-47776

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-47776 is a Missing Authorization vulnerability affecting miniOrange's miniorange otp verification software. This issue arises due to incorrectly configured access control security levels, which can be exploited. The vulnerability exists in versions from n/a through 4.2.1 of the software. An attacker can potentially gain unauthorized access to protected systems or data if they successfully exploit this flaw. Organizations using the affected miniorange otp verification software are strongly advised to update to a secure version and implement appropriate access control measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share