CVE-2023-24476

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ptc:vuforia_studio:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:47

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 3.3
v2 : unknown
v3 : 1.8
References () https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - Broken Link () https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - Broken Link

15 Jun 2023, 17:25

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 3.3
CPE cpe:2.3:a:ptc:vuforia_studio:*:*:*:*:*:*:*:*
References
  • (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - Third Party Advisory, US Government Resource
References (MISC) https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - (MISC) https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - Broken Link
CWE CWE-285 NVD-CWE-noinfo

07 Jun 2023, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-07 22:15

Updated : 2024-11-21 07:47


NVD link : CVE-2023-24476

Mitre link : CVE-2023-24476

CVE.ORG link : CVE-2023-24476


JSON object : View

Products Affected

ptc

  • vuforia_studio
CWE
CWE-285

Improper Authorization

NVD-CWE-noinfo