Session Cookie Vulnerability in NCR Terminal Handler Affects User Account Security
CVE-2023-47294

Currently unrated

Key Information:

Vendor: NCR
Status: Terminal Handler
Vendor: CVE Published:; 23 June 2025

What is CVE-2023-47294?

A security issue in NCR Terminal Handler v1.5.1 permits low-level privileged authenticated attackers to manipulate user accounts. This can be done by utilizing a crafted session cookie to deactivate, lock, or delete accounts, posing significant risks to user security and account integrity.

References

https://drive.google.com/file/d/1owG3_2oVpoCb34Mb7nCYZNrj...

https://github.com/pwahba/cve-research/blob/main/CVE-2023...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Nov 6, 2023