all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-28346 (insight)

Add to bookmarks
May 31, 2023, 12:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote attacker to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, etc. despite Virtual Host Routing being used to block this access. Remote attackers can interact with private pages on the web server, enabling them to perform privileged actions such as logging into the console and changing console settings if they have valid credentials.

access actions api api endpoints attackers block console cve endpoints etc exposed host insight issue login private privileged routing server the web virtual web web server windows

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SITEC - Pen Tester

@ Peraton | MacDill AFB, FL, United States
View on infosec-jobs.com

Information Security Specialist (Sr. OT Security Engineer)

@ Vertiv | Philippines
View on infosec-jobs.com

Product Security Engineer

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Cybersecurity Tools Engineer

@ Uni Systems | Mons, Wallonia, Belgium
View on infosec-jobs.com

Baseband Security Lead

@ Babcock | Corsham, GB, SN13 9NP
View on infosec-jobs.com

Cyber Network Defense Analyst III

@ KBR, Inc. | VA149: 1110 N Glebe Road Arlington 1110 North Glebe Road Suite 630, Arlington, VA, 22201 USA
View on infosec-jobs.com
View more jobs