1. Home
  2. CVE Database
  3. CVE-2023-39737
HIGH · 8.2

CVE-2023-39737

The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

Vulnerability Description

The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
LinecorpMatsuya13.6.1

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2023-39737?

CVE-2023-39737 is a vulnerability with a CVSS score of 8.2 (HIGH). The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

How severe is CVE-2023-39737?

CVE-2023-39737 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-39737?

Check the references section above for vendor advisories and patch information. Affected products include: Linecorp Matsuya.