A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Metrics
Affected Vendors & Products
References
History
Thu, 17 Oct 2024 09:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. | A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. |
Mon, 30 Sep 2024 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ailux
Ailux imx6 Bundle |
|
Weaknesses | CWE-862 | |
CPEs | cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:* | |
Vendors & Products |
Ailux
Ailux imx6 Bundle |
|
Metrics |
ssvc
|
Mon, 30 Sep 2024 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-425 |
MITRE
Status: PUBLISHED
Assigner: Nozomi
Published: 2024-03-05T11:33:24.233Z
Updated: 2024-10-17T09:32:54.237Z
Reserved: 2023-10-09T08:26:54.317Z
Link: CVE-2023-45598
Vulnrichment
Updated: 2024-08-02T20:21:16.644Z
NVD
Status : Awaiting Analysis
Published: 2024-03-05T12:15:47.277
Modified: 2024-10-17T10:15:03.030
Link: CVE-2023-45598
Redhat
No data.