Improper Authentication in Proself Software by Proself
CVE-2023-39415

7.5HIGH

Key Information:

Vendor: North Grid Corporation
Status: Proself Enterprise/standard Edition; Proself Gateway Edition; Proself Mail Sanitize Edition
Vendor: CVE Published:; 18 August 2023

Summary

An improper authentication vulnerability in Proself software allows remote unauthenticated attackers to access the product's Control Panel. This flaw impacts Proself Enterprise/Standard Edition versions prior to 5.61, Gateway Edition versions prior to 1.62, and Mail Sanitize Edition versions earlier than 1.07, enabling unauthorized operations that could compromise system integrity and security.

Affected Version(s)

Proself Enterprise/Standard Edition Ver5.61 and earlier

Proself Gateway Edition Ver1.62 and earlier

Proself Mail Sanitize Edition Ver1.07 and earlier

References

https://www.proself.jp/information/149/

https://www.proself.jp/information/150/

https://jvn.jp/en/jp/JVN19661362/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 18, 2023
Vulnerability Reserved
Aug 1, 2023