Lucene search

AutodeskCVE-2023-41146

HistoryNov 22, 2023 - 7:15 a.m.

CVE-2023-41146

2023-11-2207:15:07

autodesk

web.nvd.nist.gov

autodesk

customer support

portal

vulnerability

access

cases

security

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

Percentile

14.0%

JSON

Autodesk Customer Support Portal allows cases created by users under an account to see cases created by other users on the same account.

Affected configurations

Nvd

Node

autodeskcustomer_portalMatch-

VendorProductVersionCPE
autodeskcustomer_portal-cpe:2.3:a:autodesk:customer_portal:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
autodesk	customer_portal	-	cpe:2.3:a:autodesk:customer_portal:-:::::::*

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Customer Portal",
    "vendor": "Autodesk",
    "versions": [
      {
        "status": "unknown",
        "version": "0"
      }
    ]
  }
]

References

www.autodesk.com/trust/security-advisories/adsk-sa-2023-0020

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

Percentile

14.0%

JSON

Related for CVE-2023-41146