Wind River Support Network

HomeDefectsLIN1023-2697
Not to be fixed

LIN1023-2697 : Security Advisory - cfengine - CVE-2023-45684

Created: Nov 15, 2023    Updated: Dec 28, 2023
Resolved Date: Dec 28, 2023
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub.

CREATE(Triage):(User=admin) CVE-2023-45684 (https://nvd.nist.gov/vuln/detail/CVE-2023-45684)
  • Linkedin
  • Facebook
  • Twitter
  • Youtube