CVE-2023-24476

low

Description

An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13

Details

Source: Mitre, NVD

Published: 2023-06-07

Updated: 2023-06-15

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N