CVE-2023-6905

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 18, 2023
Updated: May 17, 2024
CWE ID 90

Summary

CVE-2023-6905 is a recently identified vulnerability affecting Jahastech NxFilter 4.3.2.5. This issue lies in the Bind Request Handler component and involves improper processing of the file user,adap.jsp?actionFlag=test&id=1. The flaw results in an LDAP injection, which can be exploited remotely. Although the exact extent of the impact is unknown, the vulnerability is classified as problematic, and the associated identifier is VDB-248267. Regrettably, the vendor failed to respond to disclosure notifications regarding this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share