CVE-2023-23957

Summary

An authenticated user can see and modify the value for ‘next’ query parameter in Symantec Identity Portal 14.4

Affected Software

VendorProductVersion RangeStatus
Symantec - A Division of BroadcomSymantec Identity Governance And Administration14.4affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References