Podatność CVE-2023-36648


Publikacja: 2023-12-12   Modyfikacja: 2023-12-14

Opis:
Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2 allows remote unauthenticated users to read potentially sensitive information and deny service to users by directly reading and writing data in Apache Kafka (as consumer and producer).

Typ:

CWE-287

(Improper Authentication)

Affected software
Prolion -> Cryptospike 

 Referencje:
https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36648

Copyright 2024, cxsecurity.com

 

Back to Top