CVE-2023-41084
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Socomec | MODULYS GP (MOD3GP-SY-120K) | v01.12.10 | affected |
Weaknesses
- CWE-565: CWE-565 Reliance on Cookies without Validation and Integrity Checking
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.