CVE-2023-4910

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 6, 2023
Updated: Dec 13, 2023

Summary

CVE-2023-4910 is a vulnerability affecting the 3Scale Admin Portal. Upon logging out from the personal tokens page and using the browser's back button, the tokens page is inadvertently displayed from the cache, revealing previously used tokens. This issue grants unauthorized access to tokens, potentially compromising the security of user accounts and applications that utilize these tokens for authentication. Users are advised to exercise caution when navigating the portal and avoid using the back button after logging out. Additionally, administrators are encouraged to update their systems as soon as a patch becomes available to mitigate this vulnerability.
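The cache behaviour described above can be checked from the defender's side by auditing the response headers of any page that renders secrets. The following is an added example, not code from 3scale or from this advisory; the function names and sample headers are constructed, and treating `no-store` as the required directive is this example's assumption rather than a fix stated on this page.

```python
# Added example: audit the response headers of a page that renders secrets
# (such as a personal tokens page) for browser-cache exposure.
# All names and sample responses here are constructed for illustration.

def parse_cache_control(value):
    """Split a Cache-Control header into {directive: argument-or-None}, lowercased."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def audit_sensitive_response(headers):
    """Return a list of findings for a response that must not be cached.

    `headers` is a list of (name, value) pairs so repeated headers are preserved.
    """
    cc = {}
    for name, value in headers:
        if name.lower() == "cache-control":
            cc.update(parse_cache_control(value))
    findings = []
    if "no-store" not in cc:  # assumption: no-store is the directive we require
        findings.append("missing no-store: browser may keep the page and show it on Back")
    if "public" in cc:
        findings.append("public: shared caches may store the page")
    max_age = cc.get("max-age")
    if max_age and max_age.isdigit() and int(max_age) > 0 and "no-store" not in cc:
        findings.append(f"max-age={max_age}: page can be reused from cache without revalidation")
    return findings

# Constructed samples: the same page as three differently configured servers might send it.
SAMPLES = {
    "default":  [("Content-Type", "text/html"),
                 ("Cache-Control", "max-age=0, private, must-revalidate")],
    "cached":   [("Cache-Control", "public"), ("Cache-Control", "max-age=600")],
    "hardened": [("Cache-Control", "no-store"), ("Pragma", "no-cache")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(label, audit_sensitive_response(hdrs) or "ok")
```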
