ByteOS Network

NVD Vulnerability Details :

CVE-2023-7240

Deferred

Source-security@opentext.com

Published At-07 May, 2024 | 13:15

Updated At-15 Apr, 2026 | 00:35

An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows to perform open services enumeration. Server makes query to provided server (Server IP/DNS field) and is triggering connection to arbitrary address.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.8	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 5.8

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Weaknesses

CWE ID	Type	Source
CWE-20	Secondary	security@opentext.com

CWE ID: CWE-20

Type: Secondary

Source: security@opentext.com

References

Hyperlink	Source	Resource
https://www.netiq.com/documentation/identity-console/identity_console1720000_releasenotes/data/identity_console1720000_releasenotes.html	security@opentext.com	N/A
https://www.netiq.com/documentation/identity-console/identity_console1720000_releasenotes/data/identity_console1720000_releasenotes.html	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: https://www.netiq.com/documentation/identity-console/identity_console1720000_releasenotes/data/identity_console1720000_releasenotes.html

Source: security@opentext.com

Resource: N/A

Hyperlink: https://www.netiq.com/documentation/identity-console/identity_console1720000_releasenotes/data/identity_console1720000_releasenotes.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History