Unauthenticated Information Disclosure in Verint Workforce Optimization Suite
CVE-2020-23446

5.3MEDIUM

Key Information:

Vendor

Verint

Status
Workforce Optimization
Vendor
CVE Published:
22 September 2020

What is CVE-2020-23446?

The Verint Workforce Optimization suite version 15.1 (15.1.0.37634) is susceptible to an unauthenticated information disclosure via its API. This vulnerability allows unauthorized users to access sensitive information without proper authentication, posing a risk to data confidentiality and system integrity. Organizations utilizing this product should assess the exposure of their systems and implement necessary security measures to mitigate potential threats.

References

http://verint.com
x_refsource_MISC
http://cvewalkthrough.com/variant-unauthenticated-informa...
x_refsource_MISC
https://tejaspingulkar.blogspot.com/2020/09/cve-2020-2344...
x_refsource_MISC

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.