CVE-2023-47256

5.5MEDIUM

Key Information

Vendor
Connectwise
Status
Screenconnect
Automate
Vendor
CVE Published:
1 February 2024

Summary

ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings

References

https://www.connectwise.com/company/trust/security-bullet...
https://web.archive.org/web/20240208140218/https://gotham...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.