How severe is CVE-2023-49312?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2023-49312?

This is classified as CWE-295, which is a common weakness in software security.

CVE-2023-49312

CRITICAL Year: 2023

CVSS v3 Score

9.1

Critical

Weakness Type

CWE-295

View all →

Vulnerability Description

Precision Bridge PrecisionBridge.exe (aka the thick client) before 7.3.21 allows an integrity violation in which the same license key is used on multiple systems, via vectors involving a Process Hacker memory dump, error message inspection, and modification of a MAC address.

CVE-2014-8164

CRITICAL

CVSS:9.1(Critical)

A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.

CWE-2952014

CVE-2017-17944

CRITICAL

CVSS:9.1(Critical)

The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation.

CWE-2952017

CVE-2017-17945

CRITICAL

CVSS:9.1(Critical)

The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.

CWE-2952017

CVE-2017-18911

CRITICAL

CVSS:9.1(Critical)

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate validation can be skipped for a TLS-based e-mail server.

CWE-2952017

CVE-2018-5926

CRITICAL

CVSS:9.1(Critical)

A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier.

CWE-2952018

CVE-2019-17560

CRITICAL

CVSS:9.1(Critical)

The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the downloa...

CWE-2952019

CVE-2023-49312

Vulnerability Description

Related Vulnerabilities

CVE-2014-8164

CVE-2017-17944

CVE-2017-17945

CVE-2017-18911

CVE-2018-5926

CVE-2019-17560