Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published: 2024-01-19T21:15:18.503Z
Updated: 2024-08-01T23:06:25.426Z
Reserved: 2024-01-19T17:35:09.985Z
Link: CVE-2024-23687
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-19T22:15:08.517
Modified: 2024-01-26T16:54:13.900
Link: CVE-2024-23687
Redhat
No data.