CVE-2023-47022

Sažetak

Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection.

Reference

https://github.com/Patrick0x41/Security-Advisories/tree/main/CVE-2023-47022
https://github.com/Patrick0x41/Security-Advisories/tree/main/CVE-2023-47022

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Zadnje važnije ažuriranje

17-06-2025 - 17:15

Objavljeno

06-02-2024 - 01:15