Vulnerability Details CVE-2023-30223
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.6%
CVSS Severity
CVSS v3 Score 7.5
References
- https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/
- https://packetstormsecurity.com
- https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/
- https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/
- https://packetstormsecurity.com
- https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/