| ID |
CVE-2023-46595
|
| Sažetak |
Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks. Fixed in A32.20 (b570 or above), A32.50 (b390 or above) |
| Reference |
|
| CVSS |
| Base: | 5.9 |
| Impact: | 5.5 |
| Exploitability: | 0.4 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| ADJACENT_NETWORK |
HIGH |
HIGH |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| HIGH |
HIGH |
LOW |
|
| CVSS vektor |
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L |
| Zadnje važnije ažuriranje |
12-11-2025 - 09:15 |
| Objavljeno |
02-11-2023 - 08:15 |
