Vulnerability Details CVE-2023-30223
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.8%
CVSS Severity
CVSS v3 Score 7.5
References
- https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/
- https://packetstormsecurity.com
- https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/
- https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/
- https://packetstormsecurity.com
- https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/