Vulnerabilities > CVE-2023-26580 - Files or Directories Accessible to External Parties vulnerability in Idattend Idweb 3.1.013/3.1.052

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
idattend
CWE-552

Summary

Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers.

Vulnerable Configurations

Part Description Count
Application
Idattend
3