Authentication Bypass Vulnerability in HYPR Server by HYPR
CVE-2023-1837

8.5HIGH

Key Information:

Vendor: Hypr
Status: Hypr Server
Vendor: CVE Published:; 23 May 2023

What is CVE-2023-1837?

A vulnerability in HYPR Server allows for authentication bypass due to missing security measures in critical functions. This issue specifically affects versions of HYPR Server prior to 8.0 when Legacy APIs are enabled, potentially exposing sensitive functions to unauthorized access. Organizations using the affected versions are urged to evaluate their security configurations and upgrade to mitigate the risks associated with this vulnerability.

Affected Version(s)

HYPR Server 0 < 8.0

References

https://www.hypr.com/security-advisories

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2023
Vulnerability Reserved
Apr 4, 2023

Hypr

What is CVE-2023-1837?

Affected Version(s)

References

CVSS V3.1

Timeline