Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
References
Link | Resource |
---|---|
https://borelenzo.github.io/stuff/2023/06/02/cve-2023-3064_65_66.html | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: NCSC.ch
Published: 2023-06-05T08:24:53.735Z
Updated: 2023-06-05T08:24:53.735Z
Reserved: 2023-06-02T14:24:17.323Z
Link: CVE-2023-3064
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-05T09:15:09.413
Modified: 2023-06-13T16:41:22.930
Link: CVE-2023-3064
JSON object: View
Redhat Information
No data.