CVE-2023-48375

SmartStar Software CWS is a web-based integration platform, it has a vulnerability of missing authorization and users are able to access data or perform actions that they should not be allowed to perform via commands. An authenticated with normal user privilege can execute administrator privilege, resulting in performing arbitrary system operations or disrupting service.
Configurations

Configuration 1 (hide)

cpe:2.3:a:csharp:cws_collaborative_development_platform:10.25:*:*:*:*:*:*:*

History

21 Nov 2024, 08:31

Type Values Removed Values Added
References () https://www.twcert.org.tw/tw/cp-132-7594-dac20-1.html - Third Party Advisory () https://www.twcert.org.tw/tw/cp-132-7594-dac20-1.html - Third Party Advisory

20 Dec 2023, 13:45

Type Values Removed Values Added
First Time Csharp
Csharp cws Collaborative Development Platform
CPE cpe:2.3:a:csharp:cws_collaborative_development_platform:10.25:*:*:*:*:*:*:*
CWE CWE-862
References () https://www.twcert.org.tw/tw/cp-132-7594-dac20-1.html - () https://www.twcert.org.tw/tw/cp-132-7594-dac20-1.html - Third Party Advisory

15 Dec 2023, 13:42

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-15 08:15

Updated : 2024-11-21 08:31


NVD link : CVE-2023-48375

Mitre link : CVE-2023-48375

CVE.ORG link : CVE-2023-48375


JSON object : View

Products Affected

csharp

  • cws_collaborative_development_platform
CWE
CWE-862

Missing Authorization