CVE-2023-4400
CVSS V2 None
CVSS V3 None
Description
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.
Overview
- CVE ID
- CVE-2023-4400
- Assigner
- trellix
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-09-13T06:53:11.400Z
- Last Modified Date
- 2023-09-13T06:53:11.400Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://kcm.trellix.com/corporate/index?page=content&id=SB10406 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-4400 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4400 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 19:08:05 | Added to TrackCVE |