How severe is CVE-2023-28764?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2023-28764?

This is classified as CWE-522, which is a common weakness in software security.

CVE-2023-28764 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact on the integrity and availability of the system.

Related Vulnerabilities

CVE-2017-16718

MEDIUM

CVSS:5.9(Medium)

Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol uses user configured routes, that can be edited remotely via AD...

CWE-5222017

CVE-2019-4138

MEDIUM

CVSS:5.9(Medium)

IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An...

CWE-5222019

CVE-2019-4385

MEDIUM

CVSS:5.9(Medium)

IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. I...

CWE-5222019

CVE-2020-23036

MEDIUM

CVSS:5.9(Medium)

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the `password` authentication parameter of the wifi photo transfer module. ...

CWE-5222020

CVE-2021-23222

MEDIUM

CVSS:5.9(Medium)

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.

CWE-5222021

CVE-2021-29043

MEDIUM

CVSS:5.9(Medium)

The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S...

CWE-5222021