Vulnerability Description
The RDPCore.dll component, as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Because this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Resortdata | Internet Reservation Module Next Generation | 5.3.2.15 |
References
- https://bitdefender.com/blog/labs/check-out-with-extra-charges-vulnerabilities-i (Third Party Advisory)
FAQ
What is CVE-2023-39420?
CVE-2023-39420 is a vulnerability with a CVSS score of 9.9 (CRITICAL). The RDPCore.dll component, as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routi...
How severe is CVE-2023-39420?
CVE-2023-39420 has been rated CRITICAL with a CVSS base score of 9.9/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-39420?
Check the references section above for vendor advisories and patch information. Affected products include: Resortdata Internet Reservation Module Next Generation.