CVE-2023-45083 — MEDIUM (4.2)

Q: How severe is CVE-2023-45083?

CVE-2023-45083 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-45083?

Check the references section above for vendor advisories and patch information. Affected products include: Softiron Hypercloud.

Vulnerability Description

An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1.

CVSS Score

4.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Softiron	Hypercloud	>= 1.0, < 2.1.0

Related Weaknesses (CWE)

CWE-269

References

https://advisories.softiron.cloudRelease Notes
https://advisories.softiron.cloudRelease Notes

FAQ

What is CVE-2023-45083?

CVE-2023-45083 is a vulnerability with a CVSS score of 4.2 (MEDIUM). An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able...

How severe is CVE-2023-45083?

CVE-2023-45083 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-45083?

Check the references section above for vendor advisories and patch information. Affected products include: Softiron Hypercloud.