CVE-2023-29065
EUVD-2023-3266828.11.2023, 21:15
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| bd | facschorus | 5.0 |
| bd | facschorus | 5.1 |
| bd | facschorus | 3.0 |
| bd | facschorus | 3.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-277 - Insecure Inherited PermissionsA product defines a set of insecure permissions that are inherited by objects that are created by the program.
- CWE-732 - Incorrect Permission Assignment for Critical ResourceThe product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.