Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-24476

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.

Published

2023-06-07T22:15:09.553

Last Modified

2024-11-21T07:47:56.170

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 1.8 (LOW)

Weaknesses

Type: Secondary
CWE-285
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ptc	vuforia_studio	< 9.9	Yes

References

https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 Broken Link ([email protected])
https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 Third Party Advisory, US Government Resource ([email protected])
https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13 Broken Link (af854a3a-2127-422b-91ae-364da2661108)