CVE-2023-6376
CVSS V2 None
CVSS V3 None
Description
Henschen & Associates court document management software does not sufficiently randomize file names of cached documents, allowing a remote, unauthenticated attacker to access restricted documents.
Overview
- CVE ID
- CVE-2023-6376
- Assigner
- cisa-cg
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-30T17:55:13.992Z
- Last Modified Date
- 2023-11-30T20:55:04.245Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.henschen.com/government | product |
| https://github.com/qwell/disorder-in-the-court/blob/main/README-Henschen%26Associates.md | |
| https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/ | media-coverage |
| https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems | government-resource third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-6376 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6376 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 06:39:12 | Added to TrackCVE |