CVE-2023-48259

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 10, 2024
Updated: Jan 16, 2024
CWE ID 89

Summary

CVE-2023-48259 is a newly discovered vulnerability that enables unauthenticated attackers to read arbitrary content from the results database through crafted HTTP requests. This issue does not require any form of authentication, making it particularly dangerous. An attacker can exploit this vulnerability to gain sensitive information, potentially leading to data breaches or further attacks. The affected system should be updated as soon as possible to mitigate this risk. Users are advised to implement additional security measures, such as firewalls and access controls, to prevent unauthorized access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share