CVE-2023-29168

Summary

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication.

Affected Software

VendorProductVersion RangeStatus
PTCVuforia Studio0 < 9.9affected

Weaknesses

  • CWE-522: CWE-522: Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References