Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2023-3529
PUBLISHED
More InfoOfficial Page
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
View Known Exploited Vulnerability (KEV) details
Published At-06 Jul, 2023 | 18:31
Updated At-02 Aug, 2024 | 06:55
Rejected At-
▼CVE Numbering Authority (CNA)
Rotem Dynamics Rotem CRM OTP URI Interface information exposure

A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to 20230729. This affects an unknown part of the file /LandingPages/api/otp/send?id=[ID][ampersand]method=sms of the component OTP URI Interface. The manipulation leads to information exposure through discrepancy. It is possible to initiate the attack remotely. The identifier VDB-233253 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Products
Vendor
Rotem Dynamics
Product
Rotem CRM
Modules
  • OTP URI Interface
Versions
Affected
  • 20230729
Problem Types
TypeCWE IDDescription
CWECWE-203CWE-203 Information Exposure Through Discrepancy
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.05.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2.04.0N/A
AV:N/AC:L/Au:S/C:P/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Erez Kalman
Timeline
EventDate
Advisory disclosed2023-07-06 00:00:00
CVE reserved2023-07-06 00:00:00
VulDB entry created2023-07-06 02:00:00
VulDB entry last update2023-07-25 09:41:40
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.233253
vdb-entry
technical-description
https://vuldb.com/?ctiid.233253
signature
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.233253
vdb-entry
technical-description
x_transferred
https://vuldb.com/?ctiid.233253
signature
x_transferred
Details not found