Vulnerability Details CVE-2023-49032
An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-49032
-
cpe:2.3:a:ltb-project:self_service_password:0.3
-
cpe:2.3:a:ltb-project:self_service_password:0.4
-
cpe:2.3:a:ltb-project:self_service_password:0.5
-
cpe:2.3:a:ltb-project:self_service_password:0.6
-
cpe:2.3:a:ltb-project:self_service_password:0.7
-
cpe:2.3:a:ltb-project:self_service_password:0.8
-
cpe:2.3:a:ltb-project:self_service_password:0.9
-
cpe:2.3:a:ltb-project:self_service_password:1.0
-
cpe:2.3:a:ltb-project:self_service_password:1.1
-
cpe:2.3:a:ltb-project:self_service_password:1.2
-
cpe:2.3:a:ltb-project:self_service_password:1.3
-
cpe:2.3:a:ltb-project:self_service_password:1.4
-
cpe:2.3:a:ltb-project:self_service_password:1.4.1
-
cpe:2.3:a:ltb-project:self_service_password:1.4.2
-
cpe:2.3:a:ltb-project:self_service_password:1.4.3
-
cpe:2.3:a:ltb-project:self_service_password:1.4.4
-
cpe:2.3:a:ltb-project:self_service_password:1.4.5
-
cpe:2.3:a:ltb-project:self_service_password:1.5.0
-
cpe:2.3:a:ltb-project:self_service_password:1.5.1
-
cpe:2.3:a:ltb-project:self_service_password:1.5.2
-
cpe:2.3:a:ltb-project:self_service_password:1.5.3