CVE-2023-2703

Information Disclosure in Finex Media's Competition Management System

CVSS 7.5 HIGHEPSS 0.6%CWE-359

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.5EPSS 0.6%KEV nãoPoC —Patch —

Lifecycle

23 May 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users. This issue affects Competition Management System: before 23.07.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Finex Media · Competition Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0283 https://www.usom.gov.tr/bildirim/tr-23-0283