ГлавнаяУязвимости → CVE-2023-6451
8.6высокая

CVE-2023-6451

Описание

Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.

Затрагиваемое ПО
Alayacare Procura
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Источники
https://www.themissinglink.com.au/security-advisories/cve-2023-6451https://www.themissinglink.com.au/security-advisories/cve-2023-6451