Vulnerability Details : CVE-2023-31293
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option being disabled.
Products affected by CVE-2023-31293
- cpe:2.3:a:sesami:cash_point_\&_transport_optimizer:6.3.8.6.718:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-31293
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 34 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-31293
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.8
|
1.4
|
NIST | 2024-01-08 |
References for CVE-2023-31293
-
https://herolab.usd.de/en/security-advisories/usd-2022-0061/
usd-2022-0061 - usd HeroLabThird Party Advisory
Jump to