CVE-2023-41264 | Netwrix Usercube prior 6.0.215 API improper authentication

Posted by Angelo Barbosa | Nov 28, 2023 | CVE

A vulnerability, which was classified as critical, has been found in Netwrix Usercube. Affected by this issue is some unknown functionality of the component API. The manipulation of the argument restSettings.AuthorizedClientId/restSettings.AuthorizedSecret leads to improper authentication.

This vulnerability is handled as CVE-2023-41264. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-41264 | Netwrix Usercube prior 6.0.215 API improper authentication

Related Posts

CVE-2024-29269 | Telesquare TLR-2005Ksh 1.0.0/1.1.4 Cmd command injection

CVE-2022-49002 | Linux Kernel up to 6.0.11 iommu dmar_dev_scope_init reference count

CVE-2024-38963 | Nopcommerce 4.70.1 cross site scripting (Issue 7224)

CVE-2024-48758 | dingfanzu CMS 1.0 doAdminAction.php addPro cross-site request forgery