logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-41264

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-41264

Description:
Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints).
Last updated date:
08/01/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/04/2023
Reference url to background

https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy