Vulnerabilities > CVE-2023-43194 - Missing Authorization vulnerability in Rcos Submitty 22.06.00

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
rcos
CWE-862
NVD
Published: 2023-11-02
Updated: 2023-11-10

Summary

Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter.

Vulnerable Configurations

Part Description Count
Application
Rcos
1

Common Weakness Enumeration (CWE)

References