CVE-2023-49167

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 9, 2024
CWE ID 862

Summary

CVE-2023-49167 is a new vulnerability affecting the Code4Life Database for CF7. This missing authorization issue allows unauthorized access to data due to incorrectly configured access control security levels. The vulnerability can be exploited and impacts all versions of the Database for CF7, from n/a through 1.2.4. This security flaw may potentially enable attackers to gain unauthorized access to sensitive information, leading to potential data breaches and privacy concerns. Organizations using this database are strongly advised to apply the necessary patches or updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share