CVE-2023-24476

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ptc:vuforia_studio:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:47

Type Values Removed Values Added
References () https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - Broken Link () https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 - Broken Link
CVSS v2 : unknown
v3 : 3.3
v2 : unknown
v3 : 1.8

Information

Published : 2023-06-07 22:15

Updated : 2024-11-21 07:47


NVD link : CVE-2023-24476

Mitre link : CVE-2023-24476

CVE.ORG link : CVE-2023-24476


JSON object : View

Products Affected

ptc

  • vuforia_studio
CWE
CWE-285

Improper Authorization

NVD-CWE-noinfo