Access Control Flaw in Autodesk Accounts by Autodesk
CVE-2023-41145

5.3MEDIUM

Key Information:

Vendor: Autodesk
Status: Customer Portal
Vendor: CVE Published:; 22 November 2023

Summary

An access control vulnerability in Autodesk accounts allows users without an active license to still gain access to case information linked to their account. This flaw can pose security risks by potentially exposing sensitive information and case history to unauthorized individuals, compromising the integrity of user data.

Affected Version(s)

Customer Portal 0

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2023
Vulnerability Reserved
Aug 23, 2023