Authorization Bypass Through User-Controlled Key Vulnerability Affects MİA-MED
CVE-2023-6515

8.8HIGH

Key Information:

Vendor

Mia Technology Inc.

Status
Mi̇a-med
Vendor
CVE Published:
8 February 2024

What is CVE-2023-6515?

A vulnerability has been identified in MIA-MED developed by Mia Technology Inc. An authorization bypass through a user-controlled key can potentially allow malicious actors to exploit authentication mechanisms. This issue impacts MIA-MED versions prior to 1.0.7, posing a risk where unauthorized users may gain access to privileged functionalities. Organizations employing this software should take immediate action to upgrade to a patched version to mitigate this serious security risk.

Affected Version(s)

MİA-MED 0 < 1.0.7

References

https://www.usom.gov.tr/bildirim/tr-24-0087

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mustafa Anıl YILDIRIM
.