CVE-2023-49238
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-49238 is a vulnerability affecting Gradle Enterprise versions prior to 2023.1. The initial system user password is not unique, which can allow a remote attacker to gain access to a new installation in certain scenarios. Although the password must be changed at first login, an attacker could log in before the legitimate administrator does, resulting in unauthorized access. This vulnerability poses a significant security risk, and Gradle Enterprise users should apply the necessary patch or upgrade immediately.
Affected Products
- Gradle Enterprise
Affected Vendors
- Gradle