CVE-2023-5456

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Mar 5, 2024
CWE ID 798

Summary

CVE-2023-5456 is a vulnerability classified as CWE-798, which involves the use of hard-coded credentials in the MariaDB database of the AiLux imx6 bundle. This flaw enables unauthenticated attackers to gain access to the database service and all associated data, effectively obtaining privileges equivalent to the web application. This security weakness affects versions of the imx6 bundle below imx6_1.0.7-2.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share