Vulnerability Details : CVE-2023-43183
Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account.
Products affected by CVE-2023-43183
- cpe:2.3:a:reprise:license_manager:15.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-43183
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 31 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-43183
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST | 2024-02-13 |
References for CVE-2023-43183
-
https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
Reprise License Manager 15.1 Privilege Escalation / File Write ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
http://seclists.org/fulldisclosure/2024/Jan/43
Full Disclosure: Multiple Vulnerabilities in Reprise License Manager 15.1 (CVE-2023-43183, CVE-2023-44031)Exploit;Mailing List;Third Party Advisory
Jump to