An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API.
References
Link | Resource |
---|---|
http://dcap.com | Not Applicable |
http://makves.com | Not Applicable |
https://pastebin.com/L5BkBeEE | Third Party Advisory |
http://dcap.com | Not Applicable |
http://makves.com | Not Applicable |
https://pastebin.com/L5BkBeEE | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://dcap.com - Not Applicable | |
References | () http://makves.com - Not Applicable | |
References | () https://pastebin.com/L5BkBeEE - Third Party Advisory |
28 Jun 2023, 13:50
Type | Values Removed | Values Added |
---|---|---|
First Time |
Makves
Makves dcap |
|
CWE | CWE-312 | |
CPE | cpe:2.3:a:makves:dcap:3.0.0.183:*:*:*:*:*:*:* cpe:2.3:a:makves:dcap:3.0.0.122:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) http://dcap.com - Not Applicable | |
References | (MISC) http://makves.com - Not Applicable | |
References | (MISC) https://pastebin.com/L5BkBeEE - Third Party Advisory |
21 Jun 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-21 16:15
Updated : 2024-12-06 19:15
NVD link : CVE-2023-27243
Mitre link : CVE-2023-27243
CVE.ORG link : CVE-2023-27243
JSON object : View
Products Affected
makves
- dcap
CWE
CWE-312
Cleartext Storage of Sensitive Information