CVE-2023-6329
CVSS V2 None
CVSS V3 None
Description
An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative user.
Overview
- CVE ID
- CVE-2023-6329
- Assigner
- tenable
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-27T16:34:50.656Z
- Last Modified Date
- 2023-11-28T15:47:13.770Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://tenable.com/security/research/tra-2023-36 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-6329 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6329 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 06:18:45 | Added to TrackCVE |