An attacker that has gained access to certain private information can use this to act as other user.
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0
References
Link | Resource |
---|---|
https://lists.apache.org/thread/j2d6mg3rzcphfd8vvvk09d8p4o9lvnqp | Mailing List |
Configurations
History
22 May 2023, 14:54
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://lists.apache.org/thread/j2d6mg3rzcphfd8vvvk09d8p4o9lvnqp - Mailing List | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
CPE | cpe:2.3:a:apache:openmeetings:*:*:*:*:*:*:*:* | |
First Time |
Apache openmeetings
Apache |
12 May 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-12 08:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-29032
Mitre link : CVE-2023-29032
CVE.ORG link : CVE-2023-29032
JSON object : View
Products Affected
apache
- openmeetings
CWE
CWE-287
Improper Authentication