CVE-2023-31200

Summary

PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site request forgery attack or a replay attack.

Affected Software

VendorProductVersion RangeStatus
PTCVuforia Studio0 < 9.9affected

Weaknesses

  • CWE-352: CWE-352: Cross-Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References