CVE-2023-50976

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 18, 2023
Updated: Dec 22, 2023
CWE ID 862

Summary

The vulnerability with CVE ID CVE-2023-50976 affects Redpanda versions before 23.1.21 and 23.2.x before 23.2.18, specifically in the Transactions API, due to missing authorization checks. It has a risk score of 66 and is categorized as a cyber vulnerability with a base severity of CRITICAL. The potential danger it poses to an organization is high, as it allows unauthorized access to transactions, compromising the integrity and confidentiality of sensitive data. The vulnerability can be remediated by updating Redpanda to versions 23.1.21 or 23.2.x (specifically, 23.2.18) that include the necessary authorization checks in the Transactions API to prevent unauthorized access and mitigate the potential risks associated with this vulnerability. Note: The information provided in this summary is based on the data given and does not contain any personal opinions or biases.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-50976 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database