MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
References
Link | Resource |
---|---|
https://0dr3f.github.io/cve/ | Third Party Advisory |
Configurations
History
22 Sep 2023, 16:45
Type | Values Removed | Values Added |
---|---|---|
First Time |
Minitool
Minitool power Data Recovery |
|
CPE | cpe:2.3:a:minitool:power_data_recovery:11.6:*:*:*:*:*:*:* | |
CWE | CWE-295 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
References | (MISC) https://0dr3f.github.io/cve/ - Third Party Advisory |
19 Sep 2023, 17:57
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-19 16:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-38356
Mitre link : CVE-2023-38356
CVE.ORG link : CVE-2023-38356
JSON object : View
Products Affected
minitool
- power_data_recovery
CWE
CWE-295
Improper Certificate Validation