Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to an insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2023-07-18T17:17:29.939Z
Updated: 2024-08-02T17:39:12.252Z
Reserved: 2023-07-13T17:28:15.854Z
Link: CVE-2023-38257
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-07-18T18:15:12.620
Modified: 2023-11-07T04:17:14.100
Link: CVE-2023-38257
Redhat
No data.