Lucene search
TR-CERTCVE-2023-2065HistoryMay 24, 2023 - 1:15 p.m.
CVE-2023-2065
2023-05-2413:15:09
CWE-639
TR-CERT
web.nvd.nist.gov
22
cve-2023-2065
authorization bypass
user-controlled key
armoli technology
cargo tracking system
authentication abuse
authentication bypass
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
35.1%
Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass.This issue affects Cargo Tracking System: before 3558f28 .
Affected configurations
Node
armolicargo_tracking_systemRange<3558f28
| Vendor | Product | Version | CPE |
|---|---|---|---|
| armoli | cargo_tracking_system | * | cpe:2.3:a:armoli:cargo_tracking_system:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Cargo Tracking System",
"vendor": "Armoli Technology",
"versions": [
{
"lessThan": "3558f28 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2023-2065 IDOR in Armoli Technology's Cargo Tracking System
2023-05-24 12:04:41
prion
prion
Authorization
2023-05-24 13:15:00
nvd
nvd
CVE-2023-2065
2023-05-24 13:15:09
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
35.1%
Related for CVE-2023-2065