Data Exposure in Autodesk Customer Support Portal
CVE-2023-41146

4.3MEDIUM

Key Information:

Vendor: Autodesk
Status: Customer Portal
Vendor: CVE Published:; 22 November 2023

Summary

A vulnerability in Autodesk's Customer Support Portal allows users to view cases created by other users within the same account. This could lead to unauthorized access to sensitive information, as users inadvertently gain insight into each other’s support cases. Organizations using this portal should be aware of the potential risks and take appropriate actions to mitigate data exposure.

Affected Version(s)

Customer Portal 0

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2023
Vulnerability Reserved
Aug 23, 2023