Weak Password Vulnerability in User Management Section
CVE-2023-41923

7.2HIGH

Key Information:

Vendor: Kiloview
Status: P1/p2
Vendor: CVE Published:; 2 July 2024

What is CVE-2023-41923?

The user management component of the web application allows the creation of user accounts using weak passwords, including those with a singular character. This vulnerability undermines the overall security posture of the application, making it susceptible to unauthorized access and account compromise. It is crucial for organizations to enforce stringent password policies and implement measures to mitigate risks associated with weak credentials.

Affected Version(s)

P1/P2 All <= 4.8.2605

References

https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2024
Vulnerability Reserved
Sep 5, 2023

Kiloview

What is CVE-2023-41923?

Affected Version(s)

References

CVSS V3.1

Timeline