Vulnerabilities > CVE-2023-33368 - Exposure of Resource to Wrong Sphere vulnerability in Assaabloy Control ID Idsecure 4.7.26.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |