Vulnerability Description
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2024/Apr/1
- https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt
- https://www.schutzwerk.com/blog/schutzwerk-sa-2023-003/
- https://www.visual-planning.com/en/support-portal/updates
- http://seclists.org/fulldisclosure/2024/Apr/1
- https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt
- https://www.schutzwerk.com/blog/schutzwerk-sa-2023-003/
- https://www.visual-planning.com/en/support-portal/updates
FAQ
What is CVE-2023-49231?
CVE-2023-49231 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token.
How severe is CVE-2023-49231?
CVE-2023-49231 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-49231?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.