CVE-2023-45083
Last modified
CVE-2023-45083 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1. . EPSS estimates a 0.24% chance of exploitation in the next 30 days.
Description
An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Softiron | Hypercloud | >= 1.0, < 2.1.0 |
References
- https://advisories.softiron.cloudRelease Notes
- https://advisories.softiron.cloudRelease Notes
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-45083?
How severe is CVE-2023-45083?
How do I fix CVE-2023-45083?
Are you affected by CVE-2023-45083?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST