CVE-2023-49961

WALLIX Bastion 7.x, 8.x, 9.x and 10.x and WALLIX Access Manager 3.x and 4.x have Incorrect Access Control which can lead to sensitive data exposure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
wallixbastion
7.0.0 ≤
𝑥
< 9.0.10
wallixbastion
10.0.0 ≤
𝑥
< 10.0.6
wallixbastion
10.4.0 ≤
𝑥
< 10.4.2
wallixbastion_access_manager
3.0.0 ≤
𝑥
≤ 4.0.3
𝑥
= Vulnerable software versions
References
https://www.wallix.com/support/alerts/
https://www.wallix.com/support/alerts/