Vulnerability CVE-2023-36648
Published: 2023-12-12   Modified: 2023-12-14

Description:
Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2 allows remote unauthenticated users to read potentially sensitive information and deny service to users by directly reading and writing data in Apache Kafka (as consumer and producer).

Type:

CWE-287

 (Improper Authentication)

Affected software
Prolion -> Cryptospike 

 References:
https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36648
Copyright 2024, cxsecurity.com

 

Back to Top