How severe is CVE-2023-23128?

CVE-2023-23128 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2023-23128

Name: connectwise
Author: connectwise

6.1MEDIUM

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). The vendor's position is that two endpoints have Access-Control-Allow-Origin wildcarding to support product f

发布于: 2/1/2023更新于: 3/27/2025

描述

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS). The vendor's position is that two endpoints have Access-Control-Allow-Origin wildcarding to support product functionality, and that there is no risk from this behavior. The vulnerability report is thus not valid.

AI分析AI驱动

受影响产品

connectwiseconnectwise

22.8.10013.8329

参考资料

https://github.com/l00neyhacker/CVE-2023-23128
Third Party Advisory
https://github.com/l00neyhacker/CVE-2023-23128
Third Party Advisory