Vulnerabilities > CVE-2023-48375 - Missing Authorization vulnerability in Csharp CWS Collaborative Development Platform 10.25

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
csharp
CWE-862
NVD
Published: 2023-12-15
Updated: 2024-11-21

Summary

SmartStar Software CWS is a web-based integration platform, it has a vulnerability of missing authorization and users are able to access data or perform actions that they should not be allowed to perform via commands. An authenticated with normal user privilege can execute administrator privilege, resulting in performing arbitrary system operations or disrupting service.

Vulnerable Configurations

Part Description Count
Application
Csharp
1

Common Weakness Enumeration (CWE)

References