logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-36649

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-36649

Description:
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the Loki REST API without authentication.
Last updated date:
12/14/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/14/2023
Reference url to background

https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36649

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy