CVE-2023-34085
low
ForgeRock CVSS v3 Base Score
2.6
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Confidentiality
Low
Integrity
None
Availability
None
Published: October 25, 2023 (931 days ago)
Last Modified: November 21, 2024
Vendor: ForgeRock
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request