CVE-2023-41264 - Vulnerability Details - OpenCVE

Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints).

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00037.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Netwrix	Usercube

Configuration 1 [-]

cpe:2.3:a:netwrix:usercube:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-45781	Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints).

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.netwrix.com/identity_governance_and_administration_solution.html
https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-11-28T00:00:00.000Z

Updated: 2025-06-05T13:56:20.252Z

Reserved: 2023-08-25T00:00:00.000Z

Link: CVE-2023-41264

Vulnrichment

Updated: 2024-08-02T18:54:05.167Z

NVD

Status : Modified

Published: 2023-11-28T17:15:07.857

Modified: 2024-11-21T08:20:56.717

Link: CVE-2023-41264

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-41264", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-06-05T13:56:20.252Z", "dateReserved": "2023-08-25T00:00:00.000Z", "datePublished": "2023-11-28T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-11-28T17:07:19.717Z"}, "descriptions": [{"lang": "en", "value": "Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints)."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.netwrix.com/identity_governance_and_administration_solution.html"}, {"url": "https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "CWE-287 Improper Authentication"}]}], "affected": [{"vendor": "netwrix", "product": "usercube", "cpes": ["cpe:2.3:a:netwrix:usercube:6.0.215:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0.215", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-26T15:11:30.584899Z", "id": "CVE-2023-41264", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-05T13:56:20.252Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:05.167Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.netwrix.com/identity_governance_and_administration_solution.html", "tags": ["x_transferred"]}, {"url": "https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.netwrix.com/identity_governance_and_administration_solution.html", "tags": ["x_transferred"]}, {"url": "https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:05.167Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-41264", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-26T15:11:30.584899Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:netwrix:usercube:6.0.215:*:*:*:*:*:*:*"], "vendor": "netwrix", "product": "usercube", "versions": [{"status": "affected", "version": "6.0.215"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T15:14:51.724Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.netwrix.com/identity_governance_and_administration_solution.html"}, {"url": "https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities"}], "descriptions": [{"lang": "en", "value": "Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-11-28T17:07:19.717Z"}}}, "cveMetadata": {"cveId": "CVE-2023-41264", "state": "PUBLISHED", "dateUpdated": "2025-06-05T13:56:20.252Z", "dateReserved": "2023-08-25T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-11-28T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netwrix:usercube:*:*:*:*:*:*:*:*", "matchCriteriaId": "33CD5527-85B1-4F81-8775-FA10F76F8016", "versionEndExcluding": "6.0.215", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints)."}, {"lang": "es", "value": "Netwrix Usercube anterior a 6.0.215, en ciertas instalaciones locales mal configuradas, permite omitir la autenticaci\u00f3n en los endpoints de implementaci\u00f3n, lo que lleva a una escalada de privilegios. Esto solo ocurre si la configuraci\u00f3n omite los campos restSettings.AuthorizedClientId y restSettings.AuthorizedSecret requeridos (para los endpoints POST /api/Deployment/ExportConfiguration y POST /api/Deployment)."}], "id": "CVE-2023-41264", "lastModified": "2024-11-21T08:20:56.717", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-11-28T17:15:07.857", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.netwrix.com/identity_governance_and_administration_solution.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.netwrix.com/identity_governance_and_administration_solution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.synacktiv.com/advisories/usercube-netwrix-multiple-vulnerabilities"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}