CVE-2023-5456
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Mar 5, 2024
CWE ID 798
Summary
CVE-2023-5456 is a vulnerability classified as CWE-798, which involves the use of hard-coded credentials in the MariaDB database of the AiLux imx6 bundle. This flaw enables unauthenticated attackers to gain access to the database service and all associated data, effectively obtaining privileges equivalent to the web application. This security weakness affects versions of the imx6 bundle below imx6_1.0.7-2.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share