1 results (0.007 seconds)
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41264
https://notcve.org/view.php?id=CVE-2023-41264
28 Nov 2023 — Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints). Netwrix Usercube anterior a 6.0.215, en ciertas instalaciones locales mal configuradas, permite omitir la autenticación en ... • https://www.netwrix.com/identity_governance_and_administration_solution.html • CWE-287: Improper Authentication •