CVE-2023-5830
Summary
| CVE | CVE-2023-5830 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-10-27 21:15:00 UTC |
| Updated | 2023-11-07 20:50:00 UTC |
| Description | A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This affects an unknown part of the file /api/authentication/login of the component WebTools. The manipulation of the argument Server leads to improper authentication. It is possible to initiate the attack remotely. Upgrading to version 7.2 SP4 and 2021.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-243729 was assigned to this vulnerability. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Documentlocator | Document Locator | All | All | All | All |
| Application | Documentlocator | Document Locator | 21 | All | All | All |
| Application | Documentlocator | Document Locator | 7.2 | - | All | All |
| Application | Documentlocator | Document Locator | 7.2 | sp3 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Login required | MISC | vuldb.com | |
| CVE-2023-5830: ColumbiaSoft Document Locator WebTools login improper authentication | MISC | vuldb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.