How severe is CVE-2023-31292?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2023-31292?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2023-31292

MEDIUM Year: 2023

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-287

View all →

Vulnerability Description

An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack.

CVE-2010-2496

MEDIUM

CVSS:5.5(Medium)

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its op...

CWE-2872010

CVE-2014-8180

MEDIUM

CVSS:5.5(Medium)

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

CWE-2872014

CVE-2016-5410

MEDIUM

CVSS:5.5(Medium)

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry...

CWE-2872016

CVE-2018-1106

MEDIUM

CVSS:5.5(Medium)

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to i...

CWE-2872018