CVE-2023-50976

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 18, 2023
Updated: Dec 22, 2023
CWE ID 862

Summary

The vulnerability with CVE ID CVE-2023-50976 affects Redpanda versions before 23.1.21 and 23.2.x before 23.2.18, specifically in the Transactions API, due to missing authorization checks. It has a risk score of 66 and is categorized as a cyber vulnerability with a base severity of CRITICAL. The potential danger it poses to an organization is high, as it allows unauthorized access to transactions, compromising the integrity and confidentiality of sensitive data. The vulnerability can be remediated by updating Redpanda to versions 23.1.21 or 23.2.x (specifically, 23.2.18) that include the necessary authorization checks in the Transactions API to prevent unauthorized access and mitigate the potential risks associated with this vulnerability.

Note: The information provided in this summary is based on the data given and does not contain any personal opinions or biases.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-50976 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options