An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication component.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html | |
https://bugzilla.proxmox.com/show_bug.cgi?id=4579 | Issue Tracking Vendor Advisory |
https://bugzilla.proxmox.com/show_bug.cgi?id=4584 | Issue Tracking Vendor Advisory |
https://github.com/proxmox/proxmox-rs/commit/50b793db8d3421bbfe2bce060a486263f18a90cb | Patch |
http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html | |
https://bugzilla.proxmox.com/show_bug.cgi?id=4579 | Issue Tracking Vendor Advisory |
https://bugzilla.proxmox.com/show_bug.cgi?id=4584 | Issue Tracking Vendor Advisory |
https://github.com/proxmox/proxmox-rs/commit/50b793db8d3421bbfe2bce060a486263f18a90cb | Patch |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/176967/Proxmox-VE-7.4-1-TOTP-Brute-Force.html - | |
References | () https://bugzilla.proxmox.com/show_bug.cgi?id=4579 - Issue Tracking, Vendor Advisory | |
References | () https://bugzilla.proxmox.com/show_bug.cgi?id=4584 - Issue Tracking, Vendor Advisory | |
References | () https://github.com/proxmox/proxmox-rs/commit/50b793db8d3421bbfe2bce060a486263f18a90cb - Patch |
02 Feb 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-27 23:15
Updated : 2024-11-21 08:23
NVD link : CVE-2023-43320
Mitre link : CVE-2023-43320
CVE.ORG link : CVE-2023-43320
JSON object : View
Products Affected
proxmox
- backup_server
- virtual_environment
- proxmox_mail_gateway
CWE