CVE-2023-23327

CVSS 4.9 MEDIUMEPSS 0.8%CWE-200

An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://avantfax.com https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md