How severe is CVE-2023-23128?

CVE-2023-23128 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2023-23128

Name: connectwise
Author: connectwise

6.1MEDIUM

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). The vendor's position is that two endpoints have Access-Control-Allow-Origin wildcarding to support product f

Veröffentlicht: 2/1/2023Aktualisiert: 3/27/2025

Beschreibung

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). The vendor's position is that two endpoints have Access-Control-Allow-Origin wildcarding to support product functionality, and that there is no risk from this behavior. The vulnerability report is thus not valid.

KI-AnalyseKI-gestützt

Betroffene Produkte

connectwiseconnectwise

22.8.10013.8329

Referenzen

https://github.com/l00neyhacker/CVE-2023-23128
Third Party Advisory
https://github.com/l00neyhacker/CVE-2023-23128
Third Party Advisory