CVE-2023-4828

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Published Sep 13, 2023
Updated: Oct 13, 2023
CWE ID 754

Summary

CVE-2023-4828 is a vulnerability in the Insider Threat Management (ITM) Server. It allows an attacker to change the server's configuration for any already-registered agent, so that all future communications from that agent are sent to a URL chosen by the attacker. This could lead to the disclosure, alteration, or deletion of sensitive data events related to personally identifiable information (PII) and intellectual property. To exploit this vulnerability, the attacker needs to obtain valid agent credentials and hostname. All versions of ITM Server prior to 7.14.3.69 are vulnerable. Remediation is to update ITM Server to version 7.14.3.69 or later. The vulnerability has a base severity rating of MEDIUM with a base score of 6.4 out of 10; the confidentiality impact is rated HIGH and the integrity impact LOW, as assessed by [email protected] based on CVSS:3.1 metrics.
