Vulnerability Details CVE-2023-43183
Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.2%
CVSS Severity
CVSS v3 Score 8.8
References
- http://seclists.org/fulldisclosure/2024/Jan/43
- https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
- http://seclists.org/fulldisclosure/2024/Jan/43
- https://packetstormsecurity.com/files/176841/Reprise-License-Manager-15.1-Privilege-Escalation-File-Write.html
Products affected by CVE-2023-43183
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:15.1
-
cpe:2.3:a:reprisesoftware:reprise_license_manager:15.2