CVE-2023-1632

** DISPUTED ** A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and classified as critical. This vulnerability affects unknown code of the file /PROD_ar/twbkwbis.P_FirstMenu of the component Login Page. The manipulation of the argument PIDM/WEBID leads to improper authorization. The attack can be initiated remotely. After submitting proper login credentials it becomes possible to generate new valid session identifiers on the OTP page. The real existence of this vulnerability is still doubted at the moment. VDB-224014 is the identifier assigned to this vulnerability.

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

30 Mar 2023, 19:50

Type	Values Removed	Values Added
References	~~(MISC) https://vuldb.com/?id.224014 -~~	(MISC) https://vuldb.com/?id.224014 - Permissions Required, Third Party Advisory
References	~~(MISC) https://vuldb.com/?ctiid.224014 -~~	(MISC) https://vuldb.com/?ctiid.224014 - Permissions Required, Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CWE		CWE-862
CPE		cpe:2.3:a:ellucian:banner_web_tailor:8.6:::::::*

27 Mar 2023, 12:40

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-03-25 17:15

Updated : 2024-02-04 23:37

NVD link : CVE-2023-1632

Mitre link : CVE-2023-1632

CVE.ORG link : CVE-2023-1632

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2023-1632

Attach tags to `CVE-2023-1632`