CVE-2023-47776
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2023-47776 is a Missing Authorization vulnerability affecting miniOrange's miniorange otp verification software. This issue arises due to incorrectly configured access control security levels, which can be exploited. The vulnerability exists in versions from n/a through 4.2.1 of the software. An attacker can potentially gain unauthorized access to protected systems or data if they successfully exploit this flaw. Organizations using the affected miniorange otp verification software are strongly advised to update to a secure version and implement appropriate access control measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.