Improper Authentication in North Grid Corporation products - CVE-2023-39415
Published: August 24, 2023
Vulnerability identifier: #VU79933
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-39415
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: North Grid Corporation
Affected software:
Proself Enterprise Edition
Proself Standard Edition
Proself Gateway Edition
Proself Mail Sanitize Edition
Proself Enterprise Edition
Proself Standard Edition
Proself Gateway Edition
Proself Mail Sanitize Edition
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests. A remote attacker can log in to the product's Control Panel and perform an unintended operation.
How to mitigate CVE-2023-39415
Install updates from vendor's website.