How severe is CVE-2023-42032?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2023-42032?

This is classified as CWE-749, which is a common weakness in software security.

CVE-2023-42032 - HIGH Severity | CVSS 7.5

Vulnerability Description

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doRTAAccessUPass method. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to disclose information in the context of the application. Was ZDI-CAN-21611.

Related Vulnerabilities

CVE-2006-1547

HIGH

CVSS:7.5(High)

ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name ...

CWE-7492006

CVE-2010-1428

HIGH

CVSS:7.5(High)

The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for ...

CWE-7492010

CVE-2021-33639

HIGH

CVSS:7.5(High)

REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified.

CWE-7492021

CVE-2021-35243

HIGH

CVSS:7.5(High)

The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload dat...

CWE-7492021

CVE-2023-34227

HIGH

CVSS:7.5(High)

In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks

CWE-7492023

CVE-2023-3655

HIGH

CVSS:7.5(High)

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system setti...

CWE-7492023