CVE-2023-6263

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Nov 22, 2023
Updated: Dec 18, 2023
CWE ID 290

Summary

CVE-2023-6263 is a vulnerability affecting Network Optix NxCloud versions prior to 23.1.0.40440. The IPVM team identified this issue, which allows an attacker to add a fake VMS (Video Management System) server to NxCloud. By using the identification of a legitimate VMS server, an attacker can retrieve authorization headers when a legitimate client connects to the fake server, potentially gaining unauthorized access to user accounts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share